PACid Technologies

Follow Us

facebooktwitter
  • Home
  • Consumers
  • Corporations
  • PACid Technology
    • PACid Technology
    • Patent Portfolio
    • Bolt-on Strong Security (BoSS)
    • PACid’s Five Levels of Data Security
  • Patents and Inventing
  • Resource Center
    • Blog
    • Papers and Articles
  • About Us
    • About Us
    • Contact Us
    • Our Vision

The “Dark Web” and Insider Threats to Data Security

Posted on January 31, 2017 by Barry Leff

deep-web-1106648_1280We’ve written before about how employees are often the weakest link in data security.

Most data breaches involving employees are cases where the employee was either ignorant or careless. Employees are often lazy with passwords (choosing simple ones, reusing passwords, etc.). They may not realize that plugging a USB stick into a computer to watch a pirated video could lead to a malware infection. They may fall victim to a phishing attack (no, your iTunes account has NOT been suspended because of a problem with your credit card).

But there’s a much more sinister problem that’s becoming increasingly common.

A report just out from RedOwl and IntSights highlights how cybercriminals are using the Dark Web to recruit employees to become “rogue insiders.”

The “Dark Web” is a corner of the internet that you can’t explore with Google, and that you can’t explore without being encrypted and anonymous. It exists between an anonymizing service, Tor, and its servers and clients.

There are legitimate uses for Tor, such as protecting the anonymity of human rights activists who live in countries with repressive regimes. But the combination of anonymity and concealing of one’s physical location also makes Tor and the Dark Web very popular with criminals.

Many corporations with high-value assets accessible online – such as financial institutions – have gotten pretty good at making it unlikely that garden variety carelessness can lead to a major data security breach. But as businesses get more sophisticated, the bad guys get more sophisticated too. Many cybercriminals have been turning to the Dark Web to recruit employees who have access to corporate networks to plant malware.

In some cases, they can recruit disgruntled employees who are angry over some perceived slight, whether it’s being passed over for a promotion, a bad performance review, or an abusive boss. In other cases, the motivation is straight up financial: a cut of the proceeds for defrauding the employer. Whatever the employee’s motives, once a “trusted insider” has gone bad, protecting your online assets becomes much more difficult.

Most companies spend the vast majority of their cybersecurity budget on “perimeter defenses,” making it difficult for outside hackers to break into the network. The increasing recruitment of insiders means companies need to start focusing more attention on stopping and catching a malicious actor who’s working within the corporate firewall.

The best way to slow down insider threats would be to protect your network from malware and have a setup that makes any activity within the network traceable, such as with PACid’s Bolt-on Strong Security (BoSS). Employees can’t give away the keys to the store if they don’t have the keys in the first place.

facebooktwittergoogle_plusredditpinterestlinkedinmail
‹ Law Firms Face Large Liability from Data Breaches
Cybercrime Continues Rapid Increase in Q42016 ›
Posted in Blog

Share This Post

facebooktwittergoogle_plusredditpinterestlinkedinmail

Recent Posts

  • Medical Devices a Scary Cyberthreat
  • Cybercrime Continues Rapid Increase in Q42016
  • The “Dark Web” and Insider Threats to Data Security
  • Law Firms Face Large Liability from Data Breaches
  • Cybercrime More Common Than You Would Think

Archives

  • April 2017 (1)
  • March 2017 (1)
  • January 2017 (1)
  • December 2016 (1)
  • October 2016 (1)
  • September 2016 (1)
  • August 2016 (1)
  • July 2016 (1)
  • June 2016 (1)
  • April 2016 (1)
  • March 2016 (2)
  • February 2016 (1)
  • December 2015 (1)
  • October 2015 (1)
  • September 2015 (1)
  • July 2015 (2)
  • June 2015 (2)
  • April 2015 (1)
  • March 2015 (1)
  • February 2015 (1)
  • January 2015 (2)
  • December 2014 (1)
  • November 2014 (2)
  • October 2014 (1)
  • September 2014 (2)
  • August 2014 (2)
  • July 2014 (1)
  • June 2014 (3)
  • May 2014 (5)
  • April 2014 (2)
  • February 2014 (1)
    © 2019 PACid Technologies
    ↑
    Responsive Theme powered by WordPress