For HomeFor BusinessFor Partners
Enterprise Security Ransomware Podcast
5 min read

Cybertrends to Track: Weaponizing People and Tools

Dan Berte

March 14, 2025

Cybertrends to Track: Weaponizing People and Tools

Is it possible the next wave of cyber fraud targeting your organization could come from within? That’s one thing Tyler Baker is watching closely. He’s Director of Global Security Operations for Bitdefender, and he shared what he’s tracking on the new podcast I host, CYBERCRIME: From the Frontline.

Weaponizing Your People

Baker says malicious actors are attempting to weaponize your employees. “We're seeing on the dark web where threat actors are reaching out and trying to pay people for access into their businesses.” In addition, “I think insider threat is going to become a bigger thing. And I don't think the community is quite ready for it, because it's a very hard thing to detect. If a ZIP is all I need to compromise you and get paid, then what can I do for you? Can I just pay you $10,000 and hopefully you'll give me access, or you'll steal information for me?” He adds that problems in an employee’s personal life, especially financial challenges, can increase the odds they’ll play ball with attackers.

Weaponizing Your Trusted Tools

Threat actors love to weaponize what is legitimate, sometimes it is our people, other times it’s the tools and processes we trust. Josh Armstrong has been watching this type of threat evolve, and explained how it works during our first podcast episode. Armstrong is Senior Manager of the Bitdefender Global SOC (security operations center).

“A lot of companies use Microsoft Teams. And you might be on Teams, and you'll get a phone call, and it says IT support. Most employees might click on that and say, ‘Hey, how's it going?’ And the guy says, ‘Hey, I’m IT support, I'm here to do some updates on your computer. Can you install this program for me so I can access your computer and read the updates.” The typical employee response is to follow this request, and unknowingly open a door into your network.

“All that stuff kind of goes unnoticed, right? They are legitimate tools. Employees are giving them access into the environment, and as soon as this person has access, now they can do what they want.”

Armstrong adds that this is a scenario where managed detection and response (MDR) is crucial, because the service allows you and your trusted vendor to see past those legitimate tools and track what threat actors are doing.

The Ongoing Evolution of Ransomware

While some ransomware groups make headlines targeting large organizations that could pay significant ransoms, other groups and their affiliates are quickly and quietly going after smaller businesses, using an evolved ransomware approach. Bitdefender Chief Security Strategist Catalin Cosoi shared about this trend on the podcast.

“Once the threat actor enters the smaller organization, they archive all the documents with a password. The ransom note is, ‘If you want the ZIP password, you have to pay me $3,000.’ The companies all pay because it's cheaper and faster for them to pay. So, if they keep paying, the archiving of documents with a password is going to continue.”

It’s a reminder that threat actors will target you, regardless of the size of your organization.

Watch and Listen to CYBERCRIME: From the Frontline

This is just a small part of the conversation I had with my guests on our inaugural episode.

Ep 1 YouTube (1)

Watch the full episode or listen on  your favorite podcast platforms including Amazon, Apple, Spotify and more. Be sure to like and subscribe so you never miss an episode of CYBERCRIME: From the Frontline.

 

tags

Enterprise Security Ransomware Podcast

Author

Dan Berte

Dan Berte

Dan accelerates Bitdefender's recognition as leader and innovator in the Internet of Things with Bitdefender BOX and its revolutionary IoT security technologies. Bitdefender helps coin the industry definitions of IoT and IoT security in this fragmented space. He previously lead the design and product experience at Bitdefender. His teamdesigned, built and shipped Bitdefender BOX, a revolutionary device that protects all devices in the smart home. Prior to Bitdefender Dan had a key role in developing Vodafone Romania’s online assets and founded the first free WiFi hotspot network in Europe. Dan holds a B.Sc. degree in economics from the Babes-Bolyai University in Cluj-Napoca, Romania.

View all posts

Right now Top posts

Why Alert Volume Matters: Cutting Through the Noise
Endpoint Protection & Management

Why Alert Volume Matters: Cutting Through the Noise

February 27, 2025

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again
Ransomware Threat Research Threat Intelligence

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again

November 13, 2024

5 Approaches to Counter a Cybercriminal’s Growing Arsenal
Enterprise Security Threat Research

5 Approaches to Counter a Cybercriminal’s Growing Arsenal

November 06, 2024

Meow, Meow Leaks, and the Chaos of Ransomware Attribution
Enterprise Security Ransomware Threat Research Threat Intelligence

Meow, Meow Leaks, and the Chaos of Ransomware Attribution

September 29, 2024

FOLLOW US ON SOCIAL MEDIA

SUBSCRIBE TO OUR NEWSLETTER

Don’t miss out on exclusive content and exciting announcements!

You might also like

Cybertrends to Track: Weaponizing People and Tools
Enterprise Security Ransomware Podcast

Cybertrends to Track: Weaponizing People and Tools
Dan Berte

March 14, 2025

Bitdefender Threat Debrief | March 2025
Ransomware Bitdefender Threat Debrief

Bitdefender Threat Debrief | March 2025
Jade Brown

March 13, 2025

The Anatomy of a Partnership: Bitdefender Together with Scuderia Ferrari HP in 2025
Threat Intelligence

The Anatomy of a Partnership: Bitdefender Together with Scuderia Ferrari HP in 2025
Bianca Elena Ciobanu

March 12, 2025

Bookmarks

loader