Telecoms firms top target for malicious insider attacks warn security experts
Telecoms providers are a “top target” for cyber criminals looking to recruit malicious insiders, according to a security firm. Kaspersky Lab said businesses in the industry are attractive to hackers because they manage networks and communications and store large amounts of sensitive data.
And research it conducted with B2B International showed that 28 per cent of cyber attacks and 38 per cent of targeted attacks now involve malicious insiders.
The researchers said there are a number of ways cyber criminals may enlist workers. If they have publicly-available or previously-stolen compromising information on an employee, they may use it to blackmail them into assisting with their attacks.
They may also recruit and pay more willing insiders, who could pick out co-workers who they believe may be vulnerable to blackmail attempts.
Once cyber criminals have insiders on board, they may be forced to hand over their credentials, provide information on internal systems or distribute spear phishing campaigns.
In the telecoms industry, the report said hackers will target workers who can provide access to subscriber or company data or SIM card duplication or issuing capabilities.
If the target is an internet service provider, they may attempt to reach those who can enable man-in-the-middle attacks or network mapping.
“The human factor is often the weakest link in corporate IT security,” said Denis Gorchakov, a security expert at Kaspersky Lab. “Technology alone is rarely enough to completely protect the organisation in world where attackers don’t hesitate to exploit insider vulnerability.
“Companies can start by looking at themselves the way an attacker would. If vacancies carrying your company name, or some of your data, start appearing on underground message boards, then somebody, somewhere has you in their sights. And the sooner you know about it the better you can prepare.”
Recent research showed that half of businesses are not ready to defend against attacks launched with the help of malicious insiders.
Firms are advised to educate their staff on cyber security, use threat intelligence services to stay ahead of the cyber criminals and restrict access to sensitive data.