Is it possible the next wave of cyber fraud targeting your organization could come from within? That’s one thing Tyler Baker is watching closely. He’s Director of Global Security Operations for Bitdefender, and he shared what he’s tracking on the new podcast I host, CYBERCRIME: From the Frontline.
Baker says malicious actors are attempting to weaponize your employees. “We're seeing on the dark web where threat actors are reaching out and trying to pay people for access into their businesses.” In addition, “I think insider threat is going to become a bigger thing. And I don't think the community is quite ready for it, because it's a very hard thing to detect. If a ZIP is all I need to compromise you and get paid, then what can I do for you? Can I just pay you $10,000 and hopefully you'll give me access, or you'll steal information for me?” He adds that problems in an employee’s personal life, especially financial challenges, can increase the odds they’ll play ball with attackers.
Threat actors love to weaponize what is legitimate, sometimes it is our people, other times it’s the tools and processes we trust. Josh Armstrong has been watching this type of threat evolve, and explained how it works during our first podcast episode. Armstrong is Senior Manager of the Bitdefender Global SOC (security operations center).
“A lot of companies use Microsoft Teams. And you might be on Teams, and you'll get a phone call, and it says IT support. Most employees might click on that and say, ‘Hey, how's it going?’ And the guy says, ‘Hey, I’m IT support, I'm here to do some updates on your computer. Can you install this program for me so I can access your computer and read the updates.” The typical employee response is to follow this request, and unknowingly open a door into your network.
“All that stuff kind of goes unnoticed, right? They are legitimate tools. Employees are giving them access into the environment, and as soon as this person has access, now they can do what they want.”
Armstrong adds that this is a scenario where managed detection and response (MDR) is crucial, because the service allows you and your trusted vendor to see past those legitimate tools and track what threat actors are doing.
While some ransomware groups make headlines targeting large organizations that could pay significant ransoms, other groups and their affiliates are quickly and quietly going after smaller businesses, using an evolved ransomware approach. Bitdefender Chief Security Strategist Catalin Cosoi shared about this trend on the podcast.
“Once the threat actor enters the smaller organization, they archive all the documents with a password. The ransom note is, ‘If you want the ZIP password, you have to pay me $3,000.’ The companies all pay because it's cheaper and faster for them to pay. So, if they keep paying, the archiving of documents with a password is going to continue.”
It’s a reminder that threat actors will target you, regardless of the size of your organization.
This is just a small part of the conversation I had with my guests on our inaugural episode.
Watch the full episode or listen on your favorite podcast platforms including Amazon, Apple, Spotify and more. Be sure to like and subscribe so you never miss an episode of CYBERCRIME: From the Frontline.
tags
Dan accelerates Bitdefender's recognition as leader and innovator in the Internet of Things with Bitdefender BOX and its revolutionary IoT security technologies. Bitdefender helps coin the industry definitions of IoT and IoT security in this fragmented space. He previously lead the design and product experience at Bitdefender. His teamdesigned, built and shipped Bitdefender BOX, a revolutionary device that protects all devices in the smart home. Prior to Bitdefender Dan had a key role in developing Vodafone Romania’s online assets and founded the first free WiFi hotspot network in Europe. Dan holds a B.Sc. degree in economics from the Babes-Bolyai University in Cluj-Napoca, Romania.
View all postsDon’t miss out on exclusive content and exciting announcements!