Russian hackers have offered to sell access to the internal network and customer database of Pakistan International Airlines (PIA), according to Israeli firm\u00a0KELA Targeted Cyber Intelligence,Researchers at the firm said that cybercriminals advertised domain admin access to PIA\u2019s internal network for $4,000, while its customer database was listed for $500. The airline has not acknowledged the breach incident yet.The purported hacker posted the advert for initial network access to PIA\u2019s systems on Russian and English dark web marketplace forums that KELA monitors. A week later, the airline\u2019s customer database went up for sale. The hacker\u2019s post in the forums stated that the database included customers\u2019 full names, phone numbers and passport information.Initial network access in such illicit deals refers to remote access to systems in a compromised organization, while\u00a0those selling it are known as remote access brokers. Rather than hack their way into corporate networks, cybercriminals often purchase such initial network access to gain a foothold, allowing them to move laterally and expand their access rights.While cyber threat researchers generally cannot know specifically how attackers entered a network unless the attacker shares the method, KELA threat intelligence analyst Victoria Kivilevich said that there have been instances where there was a direct connection mentioned.For example, said Kivilevich, in August a US company appeared as a Sodinokibi ransomware victim in the Twitter account of a remote access broker known for his collaboration with the ransomware gang. \u201cA few days later, the broker contacted KELA offering proof of a successful ransomware attack, and confirmed that it was breached through the Pulse Secure VPN access first.\u201dIllicit network access sales target Indian businesses\u00a0Researchers at KELA have observed that initial network accesses are being sold in underground forums every day, and are becoming an initial entry point for ransomware operators. The company\u2019s blog shows that 100 initial network accesses were put on sale by threat actors in September alone \u2013 that\u2019s three times more than they observed in August.What\u2019s noteworthy is that the cumulative price requested for all these accesses exceeds $500,000. Of the accesses KELA found for sale, 23% were reported as sold for a total amount of nearly $90,000. The average price of the 108 network access listings tracked by Kela stood at $4,960.The researchers have also found out that 50% of network access sales target just three countries: the US, Canada, and India. The recent onslaught of cyberattacks targeting Indian businesses such as BigBasket, Dr Reddy\u2019s, Dr Lal PathLabs, Dunzo, Haldiram\u2019s, Paytm Mall, and PM Modi\u2019s website could be a consequence of such sales.