Ransomware reports in 2025 are on par to exceed last year’s numbers, with more than 500 global incidents taking place in the month of January alone. In total, 2024 saw 5,461 attacks, 15% more than 2023. While a number of factors can be attributed to ransomware’s continued growth, the role of the initial access broker or IAB, should not be understated, nor ignored.
An IAB is a threat actor who specializes in acquiring internal access to organizations and selling unauthorized access on the dark web. They play a critical role in allowing for a wider range of threat actors to engage in high-risk cyber threats like ransomware attacks, by launching the initial leg work of infiltrating the compromised organization. In lowering this barrier to entry, threat actors can not only increase the volume of their attacks but the speed at which they can deliver them. The following is a look into IAB tactics, relations with ransomware groups and services offered.
Educational Webinars, Videos & Podcasts: Receive cutting-edge insights and invaluable resources, empowering you to stay ahead in the dynamic world of security.
Empowering Content: At your computer or on-the-go, stay up-to-date when you receive our eNewsletters curated with the latest technology and services that address physical, logical, cyber and enterprise resilience.
Unlimited Article Access: Dive deep into the world of cybersecurity and risk management leadership with unlimited access to our library of online articles.