Chinese trade negotiators suddenly canceled a visit to meet U.S. farmers after they wrapped up trade talks in Washington this week.Marketsread more
Blackstone Executive Vice Chairman Tony James says he's less optimistic now than before that the U.S.-China trade war could be resolved, but even a smaller deal could help...World Economyread more
The Pentagon will deploy U.S. forces to the Middle East on the heels of the attack on Saudi Arabian oil facilities, United States Secretary of Defense Mark Esper announced...Defenseread more
President Trump also said he is "not looking for a partial deal" with Beijing, moving away from his suggestion last week that he would consider an "interim deal."Politicsread more
Progress on trade talks will determine how far market will move above new highs.Trader Talk with Bob Pisaniread more
"Sure, the trade war's taking its toll on business ... it's just not taking its toll where it was supposed to," Jim Cramer says.Mad Money with Jim Cramerread more
Joe Biden called on President Donald Trump Friday to release the transcript of a call with a foreign leader that is the subject of a whistleblower complaint. Biden described...Politicsread more
For investors taking a breather from the chaos in August, buckle up as the market is about go crazy again, Goldman Sachs warned.Marketsread more
Palantir Technologies is targeting a valuation of at least $26 billion in a private fundraising round, the first for the Peter Thiel-backed data analytics startup in four...Wall Streetread more
Michael Pack, a conservative filmmaker linked to Steve Bannon, saw at least $1.6 million in donations from his nonprofit sent into the coffers of his independent production...Politicsread more
The New England Patriots released Antonio Brown just 11 days after signing the wide receiver. The NFL Super Bowl champion team initially had kept him in the face of a rape...Sportsread more
It would be hard to walk into to a major business and walk away with all its sensitive information. But sometimes that's not the case when it comes to online networks.
Q6 Cyber, a cybersecurity firm that specializes in monitoring the dark web, showed CNBC a forum post in Russian where the cybercriminal was offering access to a New York City law firm’s network and files, and was willing to send screenshots as evidence he had broken in.
The price for the access was $3,500.
That law firm was not alone, says Eli Dominitz the founder and CEO of Q6, which is based on Hollywood, Florida. Q6 has found similar information from law firms in Beverly Hills and other locations across the country for sale. They would not name any of the law firms.
“If you're a law firm that's involved in major transactions, [mergers & acquisitions] of publicly traded companies, you're going to have a lot of sensitive information, inside information before it becomes publicly available,” Dominitz said. “If I'm able to access that, I can trade around that and manipulate stocks and make a lot of money. We've seen that kind of activity by very sophisticated cybercriminals.”
The law firms are just one of the many targets of cybercriminals. There has been a 135 percent year-over-year increase in financial data, such as bank account logins and financial records, being sold on dark web, according to Intsights, a cyber-intelligence company.
“Today, banks and financial institutions have lots of partners and third parties. [There are] lots of security vulnerabilities and black holes. In many cases, a hacker can manage to take advantage of one platform,” said Itay Kozuch, Intsights' director of threat research.
None of the experts CNBC spoke to were surprised the law firms’ records were for sale.
Matt O’Neill, a supervisory special agent with the Secret Service unit that manages financial crimes said he wouldn't be at all surprised if law firms had their data stolen and sold online.
While the law firm information for sale was found on hidden websites, O’Neill says the top cybercriminals are actually becoming more brazen about advertising their wares. It comes down to getting the most customers.
“You want everybody who potentially wants to buy it to access you, and not to go through a bunch of different steps in order to even find you,” O’Neill said.
“I would say that the people operating on the dark web are on the lower tier of the hierarchical structure of bad guys,” O’Neill said.
But that lower tier is now collaborating on dark web forums and becoming more sophisticated.
“They actually have different sites in various languages in which you'd go and actually exchange ideas, and collaborate from a criminal nature,” said Robert Villanueva, an executive vice president at Q6. He spent over 20 years with the Secret Service and founded their cyber intelligence section. “There's hundreds of these websites. Thousands of users and threat actors on these websites, dedicated to one thing: cybercrime. Period.”
To the cybercriminals, borders do not matter.
“You can be a criminal in Nigeria, in Brazil, in Miami, in London. All you have to do is know where to go, find the right tools and services, and you can be up and running very quickly. It's almost plug and play,” Dominitz said.
While most cybercriminals are motivated by money, there is a sense of community on these forums with members willing to share their tips and tricks, according to Dominitz. “A lot of these forums have dedicated sections or threads and posts that are helping these newbies get in the business of cybercrime," he explaineed.
One major target they're trying to capture? Your user name and password. Dominitz showed CNBC an online marketplace where these credentials are sold.
“These are… online logins to financial institutions, ecommerce companies, retail companies,” he said.
There is a 40 percent year-over-year increase in financial institution credentials being sold on the dark web, according to Intsights.
The marketplace CNBC saw predominantly sells consumer credentials, but criminals can gain access to business user names and passwords as well.
“We've seen situations where cybercriminals are specifically advertising IT admin credentials…Those have very, very high privileges, and those accounts worth a lot of money,” Dominitz said. “A CEO is going to have a lot of sensitive information. But if you're talking about network access and systems access, it's usually the IT admin who's going to have a lot more [access] than anybody else.”
Another reason cybercriminals want credentials is to access email accounts.
“How many people keep sensitive information in their emails, in their different folders? Well, that's how they get into multiple accounts. And then, basically compromise your credit. Compromise your family security,” Villanueva said.