As we predicted earlier this year, harsh economic conditions across Western democracies are acting as a catalyst for cybercrime – particularly those cyber-attacks that target staff inside the organization. As cybersecurity becomes more effective, cybercriminals are finding ways to bypass digital security barriers by victimizing and sometimes terrorizing key personnel within the target organization.
According to the ISC2 Cybersecurity Workforce Study: “Cybersecurity professionals at organizations that have had layoffs in cybersecurity are three times more likely to have been approached to act as malicious insiders. It remains to be seen whether the future of work and the impact of emerging technologies have a positive or negative impact on this trend.”
While layoffs may be the sharp end of today’s harsh economic conditions, salaries that don’t keep pace with inflation, job dissatisfaction, and financial fears for the future are all factors that also make it easier for cybercriminals to bribe dishonest and disgruntled staff members. Over 70 percent of cybersecurity professionals polled in the ISC2 Cybersecurity Workforce Study agree that times of economic uncertainty increase the risk of malicious insiders. Half of all cybersecurity professionals taking part in the study have had personal or second-hand contact with a malicious insider within the past year.
But there is also growing evidence that, owing to greed, desperation, or both, cybercriminals are now playing very dirty indeed: they are actively advertising on the Dark Web and targeting not only dishonest employees but also cowardly ones who are easily threatened. According to the study, 11 percent of security professionals have been targeted at home because of their role within the target organization.
Physical threats used on vulnerable staff
According to Microsoft, one of the most dangerous financial criminal groups, Octo Tempest, has started to resort to “fear-mongering techniques,” targeting specific employees through phone calls and texts. This gang uses personal information gathered about the victim, such as home addresses and the names of family members, along with physical threats to coerce vulnerable employees into sharing the credentials for corporate access. Octo Tempest also uses software that can convincingly mimic any human voice, which can be used to impersonate the victim’s boss or a newly hired employee.
The growing danger of insider threats to organizations in the public and private sectors is highlighted by recent cybersecurity breaches. Earlier this year, for example, an international money transfer company, US-based Western Union, was obliged to pay a further $40 million on top of a previous $365 million payout to defrauded customers. Western Union had already admitted some of its staff were complicit in the frauds, highlighting the growing “insider threat” now facing multinational corporations.