Seminar

Introduction to the cybercrime ecosystem. How your research data ends up for sale

Borja Lanseros

Single-layer security measures can initially be highly effective, but attackers constantly evolve — much like therapy resistance. The number of possible attack vectors vastly exceeds what any IT team can monitor manually, both financially and in terms of resources. Rational security strategies based on a deep understanding of the underlying criminal ecosystem are potentially powerful in protecting research institutions. In my talk I'll discuss how the stolen credentials black market operates — from infostealers that silently harvest your passwords to Initial Access Brokers who sell network access for as little as $10. Examples will include real exposure data , anonymized victim profiling from a single credential set, and our threat intelligence approaches to detect compromises before attackers can monetize them.