night
The private networks of critical infrastructure are being accessed by buyers and sellers on the dark web. Tookapic/Pexels

Hackers who have broken into the private computer networks of critical infrastructure are selling access to those networks to the highest bidders through dark web marketplaces, according to a report from the Epoch Times.

In exchange for bitcoins, the hackers are selling off the ability to access networks including government agencies, hospitals, power plants and utilities, airlines and other infrastructure vital to the day-to-day operation of local and federal governments and private organizations.

STRUCTURE SECURITY -- USE THIS ONE
Newsweek is hosting a Structure Security Event in San Francisco, Sept. 26-27. Newsweek Media Group

The sales, which were tracked down by dark web intelligence company BlackOps Cyber, are taking place on a dark web forum called CMarket or Criminal Market. The aptly named underground exchange was formerly known as Babylon APT.

CMarket is an invite-only marketplace, allowing only trusted buyers and sellers access. A BlackOps Cyber researcher was able to gain access and document findings across the marketplace, including taking screenshots of the listings and keeping logs of chat communications had with top members of the dark web operation.

According to the BlackOps Cyber’s analysis, one of the primary players selling access to private networks is a member of the Chinese Communist Party. The seller reportedly works for the Chinese government and selled data obtained from companies and other governments.

While the apparent government official is a top operator on the site, the marketplace itself is run by a crew of primarily Latin American hackers, with some help from hackers located in the Philippines and Brazil, according to the analysis.

According to chat logs captured by the researcher from BlackOps Cyber, one of the sellers on CMarket claimed to have sold databases linked to the North Atlantic Treaty Organization (NATO) and the Germany Defense Ministry.

The seller also claimed to have hacked devices operated by a terrorist cell in Western Europe. According to the hacker, the group contains supporters and combatants who are being trained before being sent to other parts of Europe, presumably to carry out acts of terrorism.

While the terrorist network drew interest from some buyers—including an apparent group of Russians—the market is also littered with supposed access to power plant facilities and other utilities companies.

Those points of access into the networks of critical infrastructure would give a hacker access to SCADA (Supervisory control and data acquisition) systems and their data. SCADA systems are typically used to monitor a specific activity such as heat or pressure.

Electric grids, oil and gas pipelines, railroads and nuclear plants all count on SCADA systems for monitoring purposes. Access to those systems could allow a malicious actor to do significant damage to a piece of critical infrastructure and provide little recourse for the operators other than manually overriding the system.

Access to those systems were being sold for between three to five bitcoins, which would currently translate to about $12,000 to $20,000.

Other listings on the marketplace claimed to have login information for computers used by the United Kindom’s intelligence agency MI5 and the Royal Air Force. Another listing offered access to the U.S Coast Guard’s Vessel Identification System, which is used to monitor tracking systems used to identify ships. Listings like those went for as much as seven bitcoin, or about $28,000.