Tomcat
According to research by the analytical center "Garda Technologies" (part of ICS Holding) for 2019, the capacity of the shadow market amounts to 1,039,632,336 rubles. Since 2016, the market for illegal database sales has grown by 76%. In 2019, data on 70,064,796 clients of 42 financial institutions in Russia were on public sale. Data relevance: 2018-2019.
Excluding the data that is collected by parsing open sources of information, among the current offers, 191 unique databases of clients of financial institutions were identified, offered in 2019 by various sellers in various configurations.
Most of the compromised data is in federal-scale databases, without reference to regions and cities. However, there are also many offers of databases from specific regional divisions of banks. Slightly less than half of the offers for sale - 493 thousand records - are databases of banks in the Moscow region. Altai Krai databases are in second place (478 thousand records). Third place is taken by the Nizhny Novgorod region and Samara (in total, 423 thousand records).
The cost of publicly traded banking-sector databases depends on the prevalence of supply and on the completeness and relevance of the data. The average price offer on the market is 175 thousand rubles for 45,000 customer records of financial institutions. Quotations are divided into two groups: unique and replicable databases. Fresh exports from automated banking systems, sold "one-to-one", have the greatest value. The cost of one record from such a database starts from 5 rubles and can reach 2000 rubles. The average cost of a record in replicated databases, which are sold several times, is much lower and amounts to 0.5 rubles per entry and below, depending on the volume of purchases.
In the financial sector, pricing for replicated databases depends less on the freshness of the database and more on its completeness. For example, information about VIP clients of a regional branch of a large bank, including passport data, card number and current account balance, relevant for 2015, is openly sold at a price of 15-20 thousand rubles for a database of 20,000 entries. For the same money you can buy a list of 300,000 salary clients with only their full name and phone number for 2018.
The risk to a user of banking services in the event of a data breach ranges from social engineering with calls from "tech support" from regular mobile numbers with messages about blocking or debiting from cards that are not available, to major fraud with bills and loans ...
For banks, in addition to the direct loss of customers, large leaks are fraught with loss of reputation and sanctions from regulators for violating Law 152-FZ "On Personal Data".
The high demand for bank databases on the black market generates more and more relevant offers. Insiders often work to order; while there is no direct access to them, sellers work with different data sources.
To safeguard data and prevent leaks, Garda Technologies analysts recommend that financial institutions more closely monitor the legitimacy of access to their databases within the organization, pay attention to massive downloads from information storage systems and abnormal actions of privileged users, and also control the vulnerabilities of the DBMS used.
