Today RedOwl researchers released a report titled “Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web”. This report is two years in the making and its findings include information that is vital for all companies. Cybercriminals are recruiting your employees. Yes, the ones on your payroll.
Here are the highlights of the report:
- The recruitment of insiders within the dark web is active and growing.
- The dark web has created a market for employees to easily monetize their insider access.
- Sophisticated threat actors use the dark web to find and engage insiders to help place malware behind an organization’s perimeter security
The best way to guard against this threat is first to acknowledge it exists. This is a relatively new threat as most employees were “blissfully ignorant” about the dark web. Now that this corner of the internet is common knowledge, more and more individuals are testing the waters. The second step is to understand the types of information being accessed and then monitor and manage accordingly. Cybercriminals are recruiting with the purpose of finding employees to “steal data, make illegal trades, or otherwise generate profit.”
How Cybercriminals Turn Employees Into Rogue Insiders
"Cybercriminals are ramping up efforts to recruit employees with access to corporate networks. The Dark Web, which promises anonymity to rogue insiders, is driving that trend.
Researchers from IntSights and RedOwl spent two years studying Dark Web forums on recruiting, and working with, insiders. Today they released their findings, in a report entitled "Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web."
In those two years, they saw about 1,000 references to insiders in cybercrime forums, with a spike occurring towards the end of 2016. Forum discussions and insider outreach nearly doubled between 2015 and 2016.
"Recruitment of insiders is increasing, and the use of the dark web is the current methodology that malicious actors are using to find insiders," explains researcher Tim Condello, technical account manager and security researcher at RedOwl.
Cybercriminals recruit with the goal of finding insiders to steal data, make illegal trades, or otherwise generate profit. Advanced threat actors look for insiders to place malware within a business' perimeter security. However, sophistication isn't a requirement for success.
"Successful hacking is a mix of tech savviness and domain knowledge," says Condello. "Hackers previously had to have a hybrid of both, or fully understand the domain they were attacking. Now, they can leverage an insider to provide domain expertise to have a successful attack."
Think your business is safe? Think again. All insiders pose a risk, regardless of their seniority or technical ability, experts say. As major data breaches continue to make headlines, people are recognizing the tremendous impact leaked data can have on a business -- and how they can profit from it."