Netflix blames its content slate, regional price increases and a "pull-forward effect" of its strong Q1 growth for the miss.Technologyread more
Netflix lost paid U.S. subscribers for the first time in eight years and fell below analyst estimates for international subscriber growth.Tech Driversread more
Despite a disappointing earnings report, Wall Street analysts are sticking by the stock and looking ahead to the third quarter.Marketsread more
Treasury Secretary Steven Mnuchin says if the call goes well, he would expect in-person meetings to take place.Marketsread more
Southwest joints United and American in taking the Boeing 737 Max out of its schedules through early November with no end in sight to the federally-mandated grounding of the...Airlinesread more
Revenue of $10.24 billion exceeded the consensus estimate by almost $250 million.Financeread more
The strengthening of the president's formidable campaign war chest has led his organization, along with the Republican National Committee, to raise over $100 million in the...2020 Electionsread more
The three-judge panel in the U.S. Court of Appeals for the Second Circut also upheld the more than $7.7 million in fines and restitution that a judge imposed on Shkreli last...Biotech and Pharmaceuticalsread more
Raymond James upgraded Apple and said its most recent checks show Apple is preparing to bring a 5G iPhone to a wider range of models than previously thought.Marketsread more
Toys R Us is opening two permanent stores in November — at Simon Property Group's Galleria mall in Houston and at Unibail-Rodamco-Westfield's Garden State Plaza mall in...Retailread more
Philip Morris International beats second-quarter earnings and revenue estimates and hikes its full-year forecast as its new tobacco products gain momentum.Health and Scienceread more
It would be hard to walk into to a major business and walk away with all its sensitive information. But sometimes that's not the case when it comes to online networks.
Q6 Cyber, a cybersecurity firm that specializes in monitoring the dark web, showed CNBC a forum post in Russian where the cybercriminal was offering access to a New York City law firm’s network and files, and was willing to send screenshots as evidence he had broken in.
The price for the access was $3,500.
That law firm was not alone, says Eli Dominitz the founder and CEO of Q6, which is based on Hollywood, Florida. Q6 has found similar information from law firms in Beverly Hills and other locations across the country for sale. They would not name any of the law firms.
“If you're a law firm that's involved in major transactions, [mergers & acquisitions] of publicly traded companies, you're going to have a lot of sensitive information, inside information before it becomes publicly available,” Dominitz said. “If I'm able to access that, I can trade around that and manipulate stocks and make a lot of money. We've seen that kind of activity by very sophisticated cybercriminals.”
The law firms are just one of the many targets of cybercriminals. There has been a 135 percent year-over-year increase in financial data, such as bank account logins and financial records, being sold on dark web, according to Intsights, a cyber-intelligence company.
“Today, banks and financial institutions have lots of partners and third parties. [There are] lots of security vulnerabilities and black holes. In many cases, a hacker can manage to take advantage of one platform,” said Itay Kozuch, Intsights' director of threat research.
None of the experts CNBC spoke to were surprised the law firms’ records were for sale.
Matt O’Neill, a supervisory special agent with the Secret Service unit that manages financial crimes said he wouldn't be at all surprised if law firms had their data stolen and sold online.
While the law firm information for sale was found on hidden websites, O’Neill says the top cybercriminals are actually becoming more brazen about advertising their wares. It comes down to getting the most customers.
“You want everybody who potentially wants to buy it to access you, and not to go through a bunch of different steps in order to even find you,” O’Neill said.
“I would say that the people operating on the dark web are on the lower tier of the hierarchical structure of bad guys,” O’Neill said.
But that lower tier is now collaborating on dark web forums and becoming more sophisticated.
“They actually have different sites in various languages in which you'd go and actually exchange ideas, and collaborate from a criminal nature,” said Robert Villanueva, an executive vice president at Q6. He spent over 20 years with the Secret Service and founded their cyber intelligence section. “There's hundreds of these websites. Thousands of users and threat actors on these websites, dedicated to one thing: cybercrime. Period.”
To the cybercriminals, borders do not matter.
“You can be a criminal in Nigeria, in Brazil, in Miami, in London. All you have to do is know where to go, find the right tools and services, and you can be up and running very quickly. It's almost plug and play,” Dominitz said.
While most cybercriminals are motivated by money, there is a sense of community on these forums with members willing to share their tips and tricks, according to Dominitz. “A lot of these forums have dedicated sections or threads and posts that are helping these newbies get in the business of cybercrime, " he explaineed.
One major target they're trying to capture? Your user name and password. Dominitz showed CNBC an online marketplace where these credentials are sold.
“These are… online logins to financial institutions, ecommerce companies, retail companies,” he said.
There is a 40 percent year-over-year increase in financial institution credentials being sold on the dark web, according to Intsights.
The marketplace CNBC saw predominantly sells consumer credentials, but criminals can gain access to business user names and passwords as well.
“We've seen situations where cybercriminals are specifically advertising IT admin credentials…Those have very, very high privileges, and those accounts worth a lot of money,” Dominitz said. “A CEO is going to have a lot of sensitive information. But if you're talking about network access and systems access, it's usually the IT admin who's going to have a lot more [access] than anybody else.”
Another reason cybercriminals want credentials is to access email accounts.
“How many people keep sensitive information in their emails, in their different folders? Well, that's how they get into multiple accounts. And then, basically compromise your credit. Compromise your family security,” Villanueva said.