Initial Access Brokers

This report explains initial access brokers (IABs)—criminal actors who gain and sell footholds into organizations' networks (via phishing, exploited vulnerabilities, stolen credentials, or compromised third-party accounts)—and details the types of access they sell, their role enabling ransomware and extortion operations, and recommended mitigations such as MFA, risk-based vulnerability management, EDR/MDR, and incident response planning.