Dark Web Recruiters Target Insiders and Employees

[Exterminator]

The cyber-risk from insiders — employees and contractors who have valid access to enterprise networks, a la Edward Snowden—is on the rise, in part due to cybercriminals recruiting them to help steal data, make illegal trades or otherwise profit.

According to a report from RedOwl and IntSights, the recruitment of insiders within the Dark Web is active and growing, with forum discussions and insider outreach nearly doubling from 2015 to 2016.

Sophisticated threat actors use the Dark Web to find and engage insiders to help place malware behind an organization’s perimeter security. Insiders then use these underground forums to “cash out” on their services through insider trading and payment for stolen credit card information.

The puppet-masters are also able to arm insiders with the tools and knowledge necessary to help steal data and commit fraud, among other acts, and also to cover any tracks. In one instance, a hacker solicited bank insiders to plant malware directly onto the bank’s network. This approach significantly reduces the cost of action as the hacker doesn’t have to conduct phishing exercises and can raise success rates by bypassing many of the organization’s technical defenses (e.g. anti-virus or sandboxing).

The lures are significant. On one forum, the attacker explained the approach to a potential collaborator, indicating that he needs direct access to computers that access accounts and handle wire transfers, and that he offers to pay “7 figures on a weekly basis” for continued access.

What is means for businesses is that any insider with access to the internal network, regardless of technical capability or seniority, presents a risk. The report recommends that risk management teams should join the growing number of organizations that are actively building insider threat programs. Ironically, 80% of security initiatives today focus on perimeter defenses, while fewer than half of organizations budget for insider threat programs.

Another powerful lever that organizations have to mitigate the threat from insiders is culture.

“Enterprises should create, train and enforce consistent corporate security policies while protecting employee privacy,” the report recommends. “Ensuring that employees and contractors understand the rules—and penalties—of engaging in insider behavior carries tremendous impact.”

Also, treating insiders as a technology problem ignores the human aspects of motivation and behavior.

“Security teams must monitor employee behavior across a broad array of channels that identify suspicious employee activity, but also help understand negative employee sentiment,” the report added. “Building an effective insider threat program requires a robust security ecosystem built on a foundational capability to see across all employee activity and spotlight unwanted behavior while respecting employee privacy.”

If things weren't scary enough read this article!

 

[jogs]

An insider job is the most dangerous, its really difficult to stop. Even very strong kingdoms have fallen apart due to insider betrayals, its the same for companies.

 

[Exterminator]

When you think of how much of our lives can be accessed by other people and the fact that money and greed will sway many to the dark side,no pun intended,it is a very serious and very scary reality.

 

[Wave]

An insider job is the most dangerous, its really difficult to stop.

Once you get into that it'd be hard to get out without a consequence/getting caught, since the people you had worked for to do the bad things could then potentially blackmail you into continuing to get yourself a free card out of being exposed to the company for what you did.

 

[Deleted member 178]

Double-cross them , when contacted , contact aCyber government agencies, and become a cyber Jason Bourne

 

[Wave]

Double-cross them , when contacted , contact aCyber government agencies, and become a cyber Jason Bourne

The thing is, chances are the person who reports them would be rewarded nothing. The government don't have large sums of money to just hand out, they are focused on giving it towards education, health and safety, and other resources... When people are contacted for these sorts of things they will either ignore it and carry on with their life, or they will accept with the aim of making a lot of profit (£100,000+ range).

That's the only reason people accept to do this work, because they want to become minted and then live a happy rich life. But in reality that doesn't normally end up happening, and they get themselves in even worse mess than they were in before, plus they become disloyal to their company and therefore have a bad conscience which will cause them to become mentally unstable too.

Plus if they reported the offer and ignored it, then nothing would happen since the people offering to give people money to cross their company are well protected and hidden, the person reporting won't know their identity or be able to track them and then by the time any action is taken they are long gone with nothing to do to find them

In the end only negative thing happens to the person who goes along with it and agrees. And by reporting, they get themselves in trouble if they are in too deep (they might get lesser harsh punishment but they likely won't just get away with whatever they did one way or another), or they end up getting nothing at all.

And when people are desperate and in a bad place, then money will make them do crazy things.

 

[Deleted member 178]

@Wave it was more a joke , you are right, authorities willl do nothing, unless the contacted works for a military/defense contractor or homeland agency.

 

[Warlocko]

Once you get into that it'd be hard to get out without a consequence/getting caught, since the people you had worked for to do the bad things could then potentially blackmail you into continuing to get yourself a free card out of being exposed to the company for what you did.

Thing is (and I'm only speaking for the country I live in), even if you catch them, most companies won't be willing to take the reputational and economic "damage" asociated with reporting the culprit to the authorities and following the proper legal procedures, most of the time the "weaponized insider" gets away with it and the next time it's easier for him to avoid the consequences. I know this isn't the way things should be, but as Exterminator said, it's a very scary reality.

 

[_CyberGhosT_]

When you think of how much of our lives can be accessed by other people and the fact that money and greed will sway many to the dark side,no pun intended,it is a very serious and very scary reality.

Spot on brother

 

[tim one]

Let's have a question and let's get a response.
The malware moves billions of $!