Insiders continuously offer their services while cybercriminals seek collaborators to help them attack from the inside, according to a report by Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd.
“Cybercriminals often use specialised forums and marketplaces on the darknet to post job offers. These can attract tech-savvy users who are disenchanted with the traditional job market or are willing to go beyond the law for financial reward,” says Sergey Shykevich, Threat Intelligence Group Manager at Check Point Research.
Insiders
Employees, suppliers, or employees of partner companies can become insiders whose motives include financial gain, revenge, and political or ideological reasons.
Cybercriminals value insiders for their access to critical information that can weaken security measures from the inside. Because hiring an insider is expensive and dangerous, cybercriminals target lucrative industries including financial, telecommunications, or technology sectors.
Study finds that insiders also proactively offer their services to cybercriminals.
“Offers can range from hacking and data theft to malware deployment and ransomware campaigns. Hacker groups expect insiders to provide access to target systems, assist in overcoming security measures, and provide useful information for a successful attack. Or even attempt physical sabotage,” adds Shykevich.
Proactive approach
The partnership between cybercriminals and insiders is a serious threat requiring a proactive approach to cybersecurity.
CPR recommends enterprises invest in employee training, implementing appropriate security policies, detecting suspicious behaviour, monitoring the entire environment, and regular audits.
