• Home
  • /
  • Malware
  • /
  • Ransomware, cyber extortion pick up, with access brokers playing a key role, says CrowdStrike

Ransomware, cyber extortion pick up, with access brokers playing a key role, says CrowdStrike

By Tracey Burrows, ITWeb contributor

Johannesburg, 23 May 2022

Criminal access brokers are stepping up their activity, targeting industry sectors such as academic institutions, industrial and engineering professional services, technology and financial services, and selling access to these organisations to ransomware attackers.

This is the warning from CrowdStrike, expert behind the world’s most advanced cloud-native platform, and Platinum Sponsor and CISO Executive Roundtable Sponsor of the upcoming ITWeb Security Summit 2022. 

CrowdStrike, whose Falcon X automated threat intelligence analyses the deep and dark web, says access brokers are proliferating. These brokers have a significant history of providing initial access to multiple entities, and may also perform additional roles such as providing login credentials or device configuration data.

Daccache, cyber security expert and Systems Engineering Manager Middle East & Africa at CrowdStrike, says CrowdStrike’s 2022 Global Threat Report indicates that ransomware remains big business globally, with an 82% increase in ransomware-related data leaks in 2021. On top of facing ransomware demands, victims can also face criminal extortion following a ransomware attack. “Many organisations fall victim to the same attackers more than once. In fact, paying a ransom can further fuel the cyber crime system and actually increase the victim’s risk of being attacked again,” he says.

“Defeating the criminal extortion threat requires a full spectrum understanding of the adversary’s operational life cycle,” he notes.

Daccache will present a session on Ransomware and cyber extortion: Are you a low-hanging fruit? (and what to do about it) at the Security Summit in Johannesburg on 31 May, and Yassin Watlal, system engineering manager at CrowdStrike, will speak at the Security Summit in Cape Town on 6 June.

The presentations will outline the reasons for the significant increase in ransomware and the most significant cyber attacks of the year; assessing the growing ‘ransomware as a service’ trend; the role initial access brokers play in attacks; and how organisations can determine whether they are vulnerable.

For more information and to register for the ITWeb Security Summit 2022, go to