Security News > 2021 > December > Insider threats: How trustworthy are your employees?
What if an external threat actor would offer your employees easy money to just do a quick action on one of the company's computers? How would the company detect it?
Some of those employees or ex-employees will try to use their knowledge of the company and the data to which they have access to cause harm and affect confidentiality, integrity or availability of the organization's critical information or networks.
"Would you like to earn millions of dollars?Our company acquire access to networks of various companies, as well as insider information that can help you steal the most valuable data of any company.You can provide us accounting data for the access to any company, for example, login and password to RDP, VPN, corporate email, etc. Open our letter at your email. Launch the provided virus on any computer in your company."
In another striking example, a ransomware group started sending emails to employees of several companies.
In addition to hackers compromising companies for their own fraudulent actions, initial access brokers have appeared.
What can be done to protect the company against insider threats?