Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Revealed: Malicious Insider Threats on the Dark Web

published on 2022-04-26 15:59:11 UTC by Hagar Margolin
Content:

Malicious insiders are people with lawful access to internal tools, information or systems within an organization who intentionally abuse this access (using legitimate credentials) for financial or personal gain. Malicious insiders are often current or former employees, contractors or business associates.

What motivation do malicious insiders have to harm the organization?

The main motivations behind the activity of malicious insiders are:

1. Unsurprisingly, most malicious insiders are motivated by financial gain.
2. Some malicious insiders conduct corporate espionage for a competitor or for nation-state espionage.
3. Other malicious insiders look to harm their employer for personal reasons or revenge.

Because the majority of malicious insiders using the deep and dark web are motivated by financial profit, we decided to find out what we can learn about them.

What actions do insiders take to profit from their malicious activity?

Insiders who look to make profit are either using their legitimate access to offer fraud services or sell the raw sensitive information they are able to access to a third party. That sensitive information might be intellectual property belonging to a company, confidential customer information like PII and other classified data.

Examples of the type of posts malicious insiders publish on the deep and dark web

Malicious insiders use the deep and dark web to discuss and share information they obtain.

Take for example the following post from a carding forum. A T-Mobile employee offers threat actors access to the company’s system in order to bypass multi-factor authentication systems, in this case 2FA and OTP, and by that gain access to the devices or accounts of victims. The malicious insider charges $1000 for his services and explains his method of work – literally stating that this would be a bribe.

A post published on a carding forum, where a T-Mobile’s employee is offering his service for bypassing 2FA and OTP for sale. The screenshot was taken from Webz.io's Cyber API
A post published on a carding forum, where a T-Mobile’s employee is offering his service for bypassing 2FA and OTP for sale. The screenshot was taken from Webz.io’s Cyber API

One of the most targeted industries by malicious insiders on the dark web is the financial industry.

Below you can find a post published on the CryptBB carding forum, where a business associate of an unnamed bank says that he has access to PII such as debit and credit card information and SSN. He is asking for an advice from other forum members as he doesn’t know what to do with the information he has:

A post published on a dark web carding forum, CryptBB, where an insider working for a bank says he is planning to abuse his access to sensitive information
A post published on a carding forum, CryptBB, where an insider working for a bank says he is planning to abuse his access to sensitive information

Companies of all sizes invest a lot of time and effort into monitoring external threats that can harm them, but many ignore the threat malicious insiders pose to their financial health and reputation.

Using Webz.io’s Cyber API, organizations around the world monitor these types of threats, which are often hard to detect, whether it is because of their elusive nature or the need for deep contextual data to spot the threat. As many of these threats are invisible to traditional security systems, it is important to be able to monitor the organization’s assets on the deep and dark web, a prime space for malicious insiders to trade and discuss their intentions and the sensitive information they obtain.

Article: Revealed: Malicious Insider Threats on the Dark Web - published over 2 years ago.

https://webz.io/dwp/revealed-malicious-insider-threats-on-the-dark-web/   
Published: 2022 04 26 15:59:11
Received: 2022 04 27 10:51:07
Feed: Webz.io Dark Web Posts All
Source: Webz.io Dark Web Posts
Category: News
Topic: Cyber Security
Views: 0

Custom HTML Block

Click to Open Code Editor