Insider Threat: A Tricky Risk for Everyone

February 28, 2022

I spotted two report. One is from the once-upon-a-time Google- and In-Q-Tel outfit Recorded Future. The company published “Conti Ransomware Gang Chats Leaked by Pro-Ukraine Member”. Another version (maybe not verification of the Recorded Future story) appeared in “Backing Russia Backfires as Conti Ransomware Gang Internal Chats Leak.” I am never sure if stories are spot on, recycled rumors, or “real” news.

The main point of both stories is thought provoking.

A group of bad actors named “Conti” want to support a specific regime. One of the members of this group was not on board with the concept. This individual obtained confidential messages from members of the Conti outfit. With the information in hand, the “insider” made the content available to people outside of the gang.

From my point of view, the two stories make one point clear: If true, insider threats are often more of a threat that other types of actions. If false, the two stories provide a road map for individuals who want to pay off or cause some other factor to spark an insider into spilling the beans.

Net net: Insider threats are a vulnerability which warrant attention, not just a Fancy Dan automated email list of new exploits. Plus, this is a useful anecdote to share with those who tell me, “It can’t happen in my group.”

Stephen E Arnold, February 28, 2022

Written by Stephen E. Arnold · Filed Under cybercrime, News

Comments

Comments are closed.

Search the site
Subscribe to Beyond Search
Feature archive
News archive

Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.