Threat actors may purchase or otherwise acquire an existing access to a target system or network. A variety of online services and initial access broker networks are available to sell access to previously compromised systems. In some cases, adversary groups may form partnerships to share compromised systems with each other.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.