Skip to main content

Ransomware attackers are targeting inside help

ID theft
(Image credit: Future)
Audio player loading…

Cybercriminals are increasingly turning towards employees to try and establish a foothold in a target company. 

A report from Hitachi ID surveying 100 large IT enterprises in North America found that there’s been a 17% rise in the number of employees who’d been offered money, in the form of cryptocurrency (bitcoin) to help ransomware operators breach the company network since November 2021.

Between December 7, 2021, and January 4, 2022, 65% of companies confirmed their employees had been approached. 

Downplaying insider threats

Most of the time, initial contact is done either by social media or email, but in some cases (27%), ransomware operators just call employees on the phone. 

Usually, targets wukk be offered less than $500,000 in Bitcoin for their efforts, but in some cases, these malicious actors made seven-figure proposals. 

Turning them down means very little, though, as, in half of the cases, the malicious actors do end up breaching the company, anyway. For Hitachi, that means that once a firm is perceived as a ransomware candidate, the method isn’t that important. 

But what makes this avenue particularly dangerous is the fact that insider threats are generally ignored, underrated, and not accounted for during cybersecurity planning. Polling IT pros on internal threats, just above a third (36%) said they were more concerned about external threats, while 3% were not concerned at all. 

Less than half of employees approached by cybercrooks reported it to the police. While a slim majority of executives (51%) feel moderately prepared to prevent a ransomware attack, just 4% consider themselves “most prepared”. At the same time, most decision-makers confirmed they rely mostly on perimeter defense (45%). Some (6%) exclusively use perimeter defense. 

The good news is that most companies (63%) have an insurance policy that covers ransomware attacks.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.