Dark Web Offers Tools for Vengeance to Disgruntled Workers

January 10, 2017

It seems the dark web is now making it easier for disgruntled employees to take their revenge to the next level, we learn from the KrebsOnSecurity article, “Rise of Darknet Stokes Fear of the Insider.” The article cites Gartner analyst Avivah Litan; she reports a steep increase in calls from clients concerned about vindictive employees, current or former, who might expose sensitive information on the dark web.  Not surprisingly, companies with a lot of intellectual property at stake are already working with law-enforcement or private security firms to guard against the threat.

How, exactly, is the dark web making worker retaliation easier than ever before? Writer Brian Krebs explains:

Noam Jolles, a senior intelligence expert at Diskin Advanced Technologies, studies darknet communities. I interviewed her last year in ‘Bidding for Breaches,’ a story about a secretive darknet forum called Enigma where members could be hired to launch targeted phishing attacks at companies. Some Enigma members routinely solicited bids regarding names of people at targeted corporations that could serve as insiders, as well as lists of people who might be susceptible to being recruited or extorted.

Jolles said the proliferation of darkweb communities like Enigma has lowered the barriers to entry for insiders, and provided even the least sophisticated would-be insiders with ample opportunities to betray their employer’s trust.

I’m not sure everyone is aware of how simple and practical this phenomena looks from adversary eyes and how far it is from the notion of an insider as a sophisticated disgruntled employee,’ Jolles said. ‘The damage from the insider is not necessarily due to his position, but rather to the sophistication of the threat actors that put their hands on him.

According to research by Verizon, few vengeful employees turn out to have been in management positions. Most are workers lower on the totem pole who had to be given access to sensitive information to perform their jobs. The Verizon report cheerfully advises, “At the end of the day, keep up a healthy level of suspicion toward all employees.” What fun.

See the article for more about this threat, and how organizations might go about protecting themselves.

Cynthia Murrell, January 10, 2017

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta