1、Initial Access BrokersReportApril 2025Table of Contents345581012131819212527Executive SummaryIntroductionWhat is an IAB?Dive-inA zoom in on an IAB:MiyakoConclusionsContuct UsCountriesTargeted Indutry RevenueAccess TypeAccess PricesSecurity ProductsInitial Access Brokers Report 2 Executive SummaryIni

2、tial Access Brokers(IABs)are threat actors who infiltrate networks,systems,or organizations and sell this unauthorized access to other malicious actors.Instead of executing the entire cyber attack,IABs focus on the initial breach and monetize it by selling access to compromised systems.They assist r

3、ansomware operations,particularly RaaS schemes,by streamlining attacks and reducing workload at the start.The report,based on data from Cyberint,a Check Point companys research team over the past two years and a half on leading dark web forums(namely Ramp,Breach,XSS and Exploit Forums),highlights th

4、at the US was the prime target of IABs in 2023,with over 31%of attacks targeting the country.In 2024,France and Brazil have been increasingly targeted.In the top 10 countries,the number of accesses for sale increased by 90%,indicating threat actors are focusing on specific countries,rather than spre

5、ading out geographic targets.This could be for a number of reasons,from targeting countries with higher economic potential to targeting countries with more valuable data.IABs target various industries,with the business services sector being the most frequently targeted,similar to ransomware trends.T

6、he retail industry has remained consistently in the top 3 in 2023 and 2024,but the manufacturing industry has been increasingly targeted in 2024,creeping up into the top 3 in 2024.The spread of companies targeted has also grown with each industry receiving a smaller share of the pie in 2024,with mor