Kaspersky Digital Footprint Intelligence experts analyzed hundreds of initial access brokers’ posts on the dark web market published in January – April 2025 and in January – April 2026. According to the researchers, in 2026 the number of posts offering initial access to small- and medium sized organizations (SMBs) account for more than a half of all analyzed posts with initial access offers on the dark web forums.
Ahead of International SMB Day on June 27, a new Kaspersky report reveals threat analysis and mitigation strategies to help SMBs protect themselves against the evolving threat landscape.
According to Kaspersky research, for the first four months of 2026 the share of posts with initial access offers to allegedly compromised small-sized organizations was the largest (40%) compared to the shares of publications offering access to large-sized or nonprofit organizations. The share of posts concerning medium‑sized organizations was also noticeable (20%). This means that publications with initial access to corporate systems of small and medium‑sized organizations together accounted for more than a half of all the analyzed posts with initial access offers on the dark web market.
Initial access brokers sell the initial access to allegedly compromised businesses on the dark web market. In their posts, initial access brokers may provide information about the region where the companies are located, about the industry they belong to and their revenue, as well as about the type of access. Buyers then can use the received access for different purposes, including ransomware attacks, stealing corporate confidential information or other fraudulent activity.
“Despite the fact that posts concerning small-sized companies prevail, threat actors may target medium‑sized businesses as they generate higher revenue than small businesses while they may have lower level of protection against cyberthreats than large ones. Thus, the common belief that small‑ and medium‑sized enterprises are uninteresting to attackers is a misconception. Companies of any size need to understand the cyberthreat landscape, adhere to cybersecurity policies, use appropriate cybersecurity solutions, and continuously improve employees’ awareness”, says Ekaterina Beloborodova, Kaspersky Digital Footprint Intelligence Analyst.
Read the full report on the SMBs threat landscape here:
To protect your business from various cyberthreats:
· Look for solutions that fit your budget, size, and industry requirements, with an emphasis on scalability and ease of integration. For instance, Kaspersky Small Office Security Premium is an easy-to-use solution that protects from advanced threats and also provides access to security awareness training for employees, making it ideal for micro-businesses. Meanwhile, small and medium-sized enterprises with more mature IT expertise should consider Kaspersky Next Optimum, which is designed specifically for growing organizations and offers real-time protection, threat visibility, as well as investigation and response capabilities of EDR and XDR.
· For teams lacking cybersecurity personnel and the bandwidth for 24/7 monitoring, a managed approach can be invaluable. Kaspersky MDR, an expert-led service, provides round-the-clock capabilities for the entire incident management cycle – from threat detection to continuous protection and remediation.
· Adopt specialized solutions such as Kaspersky Digital Footprint Intelligence to monitor the surface, deep, and dark webs for information about a company's credentials, leaked data, and lookalike websites. Small and medium companies with limited IT security budgets can partner with a Managed Security Service Provider (MSSP) to access this comprehensive digital risk protection service at an affordable, subscription-based price point.
· Establish clear guidelines for using external services and resources.
· Define access rules for corporate resources such as email accounts, shared folders, and online documents.
· Regularly back up important data to ensure the preservation of corporate information in case of emergencies.
Natasha