Large organizations and industrial players face daily threats because their data can be sold on illicit markets for a profit. Kirill Kruglov, a senior researcher and developer at Kaspersky Lab, explained to socialbites.ca that attackers have managed to sell the login credentials and key files of well-known companies for as little as $150.
The data gathered by these intruders largely consists of access details, usernames, passwords, and critical configuration files. Kruglov noted that attackers cast a wide net, compromising thousands of different organizations and industrial enterprises to build a broad curation of stolen data. This enables them to market the information on various sites or through brokers who set sale prices at several dollars per item. If the company is widely recognized, a more valuable set of credentials can fetch $100 or $150 in some cases.
Kruglov added that his team, after two years of monitoring, identified tens of thousands of compromised systems where access is traded on multiple platforms. On average, several hundred new accounts are added each day, underscoring the pressing need for robust protections across industrial sectors. The implication is clear: any large industrial enterprise can become a target, and safeguarding measures must keep pace with the evolving threat landscape.
In addition to data harvesting, state or politically motivated motives, competitive maneuvering, or the lure of financial gain can drive an attack. If an attacker breaches the infrastructure, the goal may shift toward crippling operations or demanding ransom. Encryption and secure access controls are essential to minimize exposure and maximize resilience in the face of such incidents.
Further reading highlights how large companies fall prey to breaches, why rapid training is not enough on its own to prevent intrusions, and the profile of a malware designer. These insights come from Kruglova at socialbites.ca and reflect ongoing observations in the cybercrime landscape.
Earlier investigations also show that attackers have pursued low-friction entry points, such as discovering Bluetooth device owners, to map devices and leverage them for broader access. The evolving threat demands continuous improvement in defense strategies, from network segmentation to credential hygiene and beyond, to reduce the likelihood of a successful intrusion.