Experts explain that if it is impossible to bypass technical means of protection of cybercriminals, often resort to the help of employees of the attacking company or organization. In this case, two main methods are used: blackmail and hire through the black market. In the first case, attackers use compromising evidence to force workers to perform certain unauthorized actions. In the second case, the organizers of the attacks pay for insiders services and may even sometimes ask them to help find colleagues who can be blackmailed.
Attacks with the participation of insiders are especially relevant for companies operating in the telecommunications sector. A huge amount of confidential information is at the disposal of telecom operators, therefore they are a very attractive target for fraudsters striving to enrich, and for large cyber groups sponsored by any state, and for competitors.
«Kaspersky laboratory» notes that when organizing an attack by attackers may need the help of insiders who occupy a variety of positions. So, when planning an attack on mobile operator operator, cybercriminals need employees who can provide access to subscriber and corporate data, or make copies of SIM cards, and when planning an attack on an Internet provider — workers who have access to coating maps or the ability to intercept network traffic.
- Kaspersky laboratory