How Data Brokers Sell to the Internet

It’s a well known fact that the transmission of data is being stored by third parties when using a third party storage or general product. This understanding is crucial to connecting the dots of how Data Brokers sell to the internet.

 If we’re talking about data we first need to understand netflow data, traffic flow and volume of data across a network, showing information ordinarily only available to the owner of the data, and can be used to stop contact tracing of an individuals physical location through their ISP. 

How data brokers work:

Data brokers essentially collect netflow data in some cases up to 80% of global flows according to this page, and sell individual users' traces so that the user can track their netflow. 

One threat intelligence firm Team Cymru a known data broker, works with ISPs to access that newflow data, as stated in this Vice article they are used by companies proactively trying to hunt out hackers and data breaches in the private and public sectors. Giving access to their customers the ability to “effectively run queries against virtually any IP to pull the netflows to and from that IP over a given point in time,”and to VPNs  all the while restricting the amount of data that is returned so that only a small portion of netflow data in its database can be accessed by any one client.

“In essence, access to netflow data lets a security team observe what is happening on the wider internet, and may indicate what is happening to other organizations, beyond the borders of their own network or company. “