Attackers getting More Aggressive
Thursday, August 25, 2016 @ 04:08 PM gHale
If an attacker wants to get in to a system to pilfer whatever they are looking for, they are starting to get more aggressive.
Along those lines, they are trolling around for insiders to help gain access to telecommunications networks and subscriber data, said researchers at Kaspersky Lab.
Also, if there are any employees feeling they may have been slighted in any way, the bad guys are looking to hunt them down for assistance. Attackers are also starting to go the blackmail route to reel in more folks to help plot and plan and attack, the researchers said.
Telecommunications providers are a top target for cyber-attacks. They operate and manage the world’s networks, voice and data transmissions and store vast amounts of sensitive data, and this makes them an attractive target for cybercriminals in search of financial gain, nation-state sponsored actors launching targeted attacks and their competitors.
To achieve their goals, cybercriminals often use insiders as part of their malicious ‘toolset,’ in order to help them breach the perimeter of a telecommunications company and perpetrate their crimes.
Twenty-eight percent of all cyber attacks and 38 percent of targeted attacks now involve malicious activity by insiders, according to the research by Kaspersky Lab and B2B International.
Attackers engage or entrap telecom employees in the following ways:
• Using publically available or previously stolen data sources to find compromising information on employees of the company they want to hack. Then, they blackmail targeted individuals – forcing them to hand over their corporate credentials, provide information on internal systems or distribute spear-phishing attacks on their behalf.
• Recruiting willing insiders through underground message boards or through the services of “underground recruiters.”
If there is a planned attack on a cellular service provider, attackers will seek out employees who can provide fast track access to subscriber and company data or SIM card duplication/illegal reissuing. If the target is an Internet service provider, the attackers will try to identify the employees who can enable network mapping and man-in-the-middle attacks.
“The human factor is often the weakest link in corporate IT security,” said Denis Gorchakov, security expert, Kaspersky Lab. “Technology alone is rarely enough to completely protect the organization in world where attackers don’t hesitate to exploit insider vulnerability. Companies can start by looking at themselves the way an attacker would. If vacancies carrying your company name, or some of your data, start appearing on underground message boards, then somebody, somewhere has you in their sights. And the sooner you know about it the better you can prepare.”
Click here for the “Threat Intelligence Report for the Telecommunications Industry.”