If you’re the CEO of a company, here’s another threat you need to worry about: hackers trying to recruit your employees for insider-related crimes.
Researchers at security firms RedOwl and IntSights have noticed growing activity from online black market dealers trying to recruit company employees for insider trading and cashing out stolen credit card numbers.
These dealers are appearing on underground forums located on the dark web, which are accessible through Tor, a browser designed for anonymous web surfing, according to the researchers, who published their findings on Tuesday.
Hackers in these underground forums have been looking for employees to collude in insider trading to make educated stock market bets. One site has been helping its members engage in this illicit activity, and garnered over 40 bitcoin ($39,755) in total transactions
“According to the group’s manager, there are members who make more than $5,000 USD a month using the leaked information,” the research report said. Membership, in the forum, however, requires a 1 bitcoin ($995) fee.
The administrator of another forum dedicated to the illicit activity claims to be a former European IT entrepreneur who’s trying to create a “well-selected community” to exchange insider information on publicly traded companies.
Hackers are also recruiting employees in the retail sector to help them make purchases with stolen credit card numbers.
The researchers found one wanted ad in a dark web forum for a retail cashier worker to make iPhone 6 purchases in exchange for £100 (US$127).
In other cases, hackers have been found trying to arm insiders with cyber tools to help steal data or commit fraud, according to the researchers. “In one instance, a hacker solicited bank insiders to plant malware directly onto the bank’s network,” the report said.
The researchers found that one hacker offered to pay the insider “7 figures on a weekly basis” for access to a bank’s computer.
The report from RedOwl and IntSights involved monitoring activity on underground forums for references to insider-related crimes over a two-year period starting in Jan. 2015. It noticed about 1,000 references and a spike in the latter months of 2016,
The security firms suggest that companies take the insider threat more seriously by using IT security systems to carefully monitor employees for unwanted behavior without violating their privacy.
Other security experts also advise that companies segregate valuable data from employees who have no reason to use it, or hire professionals to handle investigations that deal with suspected insider theft.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.