Cybercriminals are increasingly turning to employees in an attempt to gain a foothold in a target company.
A Hitachi ID report that surveyed 100 of the top North American IT companies found that there was a 17% increase in the number of employees who were offered money in the form of cryptocurrency (bitcoin) to help ransomware operators to penetrate the company's network from November 2021.
Between December 7, 2021 and January 4, 2022, 65% of companies confirmed that their employees had been approached.
Minimize insider threats
Most of the time, the first contact is through social media or email, but in some cases (27%) ransomware operators simply call employees on the phone.
Typically, targets are offered less than €500,000 worth of Bitcoin for their efforts, but in some cases these malicious actors have offered seven-figure deals.
However, denying them means very little, because in half the cases, malicious actors end up violating the business anyway. For Hitachi, this means that once a company is perceived as a candidate for ransomware, the method is not that important.
But what makes this path particularly dangerous is the fact that insider threats are often ignored, underestimated, and overlooked when planning for cybersecurity. When asking IT professionals about insider threats, just over a third (36%) said they were most concerned about external threats, while 3% were not concerned at all.
Fewer than half of employees approached by cyber scammers reported it to the police. While a small majority of executives (51%) feel moderately prepared to prevent a ransomware attack, only 4% consider themselves “more prepared”. At the same time, the majority of decision makers confirmed that they relied primarily on perimeter defense (45%). Some (6%) exclusively use perimeter defense.
The good news is that most companies (63%) have an insurance policy that covers ransomware attacks.