Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Cybercriminals recruit insiders to attack telecoms providers
Posted on 25-Aug-2016 23:27. | Tags Filed under: News.



Cybercriminals are using insiders to gain access to telecommunications networks and subscriber data, recruiting disaffected employees through underground channels or blackmailing staff using compromising information gathered from open sources - according to a Kaspersky Lab intelligence report into security threats facing the telecommunications industry. 

 

Telecommunications providers are a top target for cyber-attack. They operate and manage the world’s networks, voice and data transmissions and store vast amounts of sensitive data. This makes them highly attractive to cybercriminals in search of financial gain, as well as nation-state sponsored actors launching targeted attacks, and even competitors. 

 

To achieve their goals, cybercriminals often use insiders as part of their malicious ‘toolset’, to help them breach the perimeter of a telecommunications company and perpetrate their crimes. New research by Kaspersky Lab and B2B Internationali reveals that 28% of all cyber-attacks, and 38% of targeted attacks now involve malicious activity by insiders. The intelligence report examines popular ways of involving insiders in telecoms-related criminal schemes and gives examples of the things insiders are used for.

 

According to the Kaspersky Lab researchers, attackers engage or entrap telecoms employees in the following ways: 

 

  • Using publically available or previously-stolen data sources to find compromising information on employees of the company they want to They then blackmail targeted individuals – forcing them to hand over their corporate credentials, provide information on internal systems or distribute spear-phishing attacks on their behalf. 
  • Recruiting willing insiders through underground message boards or through the services of “black recruiters”. These insiders are paid for their services and can also be asked to identify co-workers who could be engaged through 

The blackmailing approach has grown in popularity following online data breaches such as the Ashley Madison leak, as these provide attackers with material they can use to threaten or embarrass individuals.  

 

According to the Kaspersky Lab researchers, if an attack on a cellular service provider is planned, criminals will seek out employees who can provide fast track access to subscriber and company data or SIM card duplication/illegal reissuing. If the target is an Internet service provider, the attackers will try to identify those who can enable network mapping and man-in-the-middle attacks. 

 

However, insider threats can take all forms. The Kaspersky Lab researchers noted two non-typical examples, one of which involved a rogue telecoms employee leaking 70 million prison inmate calls, many of which breached client-attorney privilege. In another example, an SMS center support engineer was spotted on a popular DarkNet forum advertising their ability to intercept messages containing OTP (One-Time Passwords) for the two-step authentication required to login to customer accounts at a popular fintech company. 

 

“The human factor is often the weakest link in corporate IT security. Technology alone is rarely enough to completely protect the organization in world where attackers don’t hesitate to exploit insider vulnerability. Companies can start by looking at themselves the way an attacker would. If vacancies carrying your company name, or some of your data, start appearing on underground message boards, then somebody, somewhere has you in their sights. And the sooner you know about it the better you can prepare,” – said Denis Gorchakov, security expert, Kaspersky Lab. 

 



More information: https://securelist.com/analysis/publications/...

comments powered by Disqus




Trending now »

Hot discussions in our forums right now:

Good riddance to Obama and his drones. Pakistani villagers will be saying the same.
Created by amiga500, last reply by Handle9 on 22-Jan-2017 14:37 (101 replies)
Pages... 5 6 7


The President Of The USA: Donald Trump
Created by TimA, last reply by dejadeadnz on 22-Jan-2017 12:39 (1849 replies)
Pages... 122 123 124


Xtra email no longer receives on Outlook 2003 / Outlook 2011 for MAC
Created by lNomNoml, last reply by hio77 on 22-Jan-2017 13:40 (45 replies)
Pages... 2 3


New Ford Mustang or Holden Commodore or alternatives
Created by MikeB4, last reply by driller2000 on 21-Jan-2017 12:39 (63 replies)
Pages... 3 4 5


$1160 for a car battery??!!
Created by jonathan18, last reply by shakedown14 on 22-Jan-2017 14:49 (58 replies)
Pages... 2 3 4


Upsize my American houses to McMansion value deal.
Created by kingdragonfly, last reply by richms on 18-Jan-2017 15:48 (14 replies)

Spec check on laptop for GoPro editing please
Created by martyyn, last reply by richms on 20-Jan-2017 17:23 (13 replies)

New Unlimited Fixed Broadband
Created by LivingSkinny, last reply by noroad on 19-Jan-2017 11:14 (55 replies)
Pages... 2 3 4