Insider Threat: A Tricky Risk for Everyone

February 28, 2022

I spotted two report. One is from the once-upon-a-time Google- and In-Q-Tel outfit Recorded Future. The company published “Conti Ransomware Gang Chats Leaked by Pro-Ukraine Member”. Another version (maybe not verification of the Recorded Future story) appeared in “Backing Russia Backfires as Conti Ransomware Gang Internal Chats Leak.” I am never sure if stories are spot on, recycled rumors, or “real” news.

The main point of both stories is thought provoking.

A group of bad actors named “Conti” want to support a specific regime. One of the members of this group was not on board with the concept. This individual obtained confidential messages from members of the Conti outfit. With the information in hand, the “insider” made the content available to people outside of the gang.

From my point of view, the two stories make one point clear: If true, insider threats are often more of a threat that other types of actions. If false, the two stories provide a road map for individuals who want to pay off or cause some other factor to spark an insider into spilling the beans.

Net net: Insider threats are a vulnerability which warrant attention, not just a Fancy Dan automated email list of new exploits. Plus, this is a useful anecdote to share with those who tell me, “It can’t happen in my group.”

Stephen E Arnold, February 28, 2022

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta