A report from Kaspersky Lab has revealed that cybercriminals are targeting telecoms employees via blackmail, and recruiting disillusioned employees, in order to carry out cyber attacks on telecommunications networks.
Telecommunications companies are a top target for cyber attacks, because they store vast amounts of sensitive data.
This makes them an attractive target for cybercriminals looking for financial reward for their illegal exploits.
Kaspersky Lab’s report suggests that to achieve their goals, cybercriminals often use insiders as part of their malicious ‘toolset’, to help them breach the perimeter of a telecommunications company and perpetrate their crimes.
As mentioned there are two types of insider security breach.
Either hackers recruit disaffected employees through underground channels, or they blackmail staff using compromising information gathered from open sources, in order to instigate a breach from behind a company’s defences.
The blackmailing approach has apparently grown in popularity following increasing online data breaches that expose more compromising, blackmail-worthy, information on individuals.
Hackers are ready to exploit this.
>See also: Why LinkedIn is a prime target for hackers
The intelligence report surmises that 28% of all cyber attacks, and 38% of targeted attacks (state-sponsored, or competitive) involve criminal misgivings from insiders. The ‘inside man’.
“The human factor is often the weakest link in corporate IT security. Technology alone is rarely enough to completely protect the organisation in a world where attackers don’t hesitate to exploit insider vulnerabilities,” said Denis Gorchakov, security expert at Kaspersky Lab.
The insiders most in demand, depend on what type of attacks is planned, according to the report.
If it is an attack on a cellular service provider, criminals will seek out employees who can provide fast track access to subscriber and company data or SIM card duplication/illegal reissuing.
If the target is an Internet service provider, the attackers will try to identify those who can enable network mapping and man-in-the-middle attacks.
However, insider threats can take on a variety of forms, some unlikely.
The threat appears untenable, but there are methods that can prevent attacks, and minimise their damage when they do occur.
Investment in AI cyber security measures, which will eventually be able to heal the damage done automatically, and sharing cyber threat intelligence are the two major solutions.
Based on this report, however, it is evident that just as much importance should be placed on internal cyber threats, as well as external ones.