The insider threat is the worst nightmare for a company, as the employees can access company’s most sensitive data without having to circumvent security measures designed to keep out external threats.
The rogue employee can collect, leak, or sell all your secrets, including professional, confidential, and upcoming project details, to your rival companies and much more that could result in significant loss to your company.
And this is exactly what is happening on Dark Web Marketplace — a place where one can sell and purchase everything from illicit drugs to exploits, malware, and stolen data.
According to a new report from the US-based risk security firm RedOwl and Israeli threat intelligence firm IntSights, staff at corporations are selling company’s internal secrets for cash to hackers on one of the most famous dark web markets Kick Ass Marketplace (Onion URL).
Kick Ass Marketplace offers a subscription of up to one Bitcoin (currently around $950) a month to its clients for giving them access to a variety of “vetted and accurate” insider information that is posted onto the website.
Every post is assigned a “confidence rating,” along with advice on whether to buy and sell stock in the associated company, allowing its clients to cash in on the insider secrets they collected.
In May last year, an administrator of the Kick Ass Marketplace site going by the pseudonym “h3x” was interviewed by DeepDotWeb, claiming that his site had 15 investment firm members, 25 subscribers, 3 hackers and 2 trading analysts who observe financial markets and verify the integrity of stolen data before posting it to the website.
According to the new report “Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web” [PDF] published Wednesday, Kick Ass Marketplace posts about five high confidence insider trading reports every week and makes some US $35,800 a week.
“In one instance, a hacker solicited bank insiders to plant malware directly onto the bank’s network,” says the researchers Ido Wulkan (IntSights), Tim Condello (RedOwl), David Pogemiller (RedOwl).
“This approach significantly reduces the cost of action as the hacker doesn’t have to conduct phishing exercises and can raise success rates by bypassing many of the organization’s technical defenses (e.g. anti-virus or sandboxing).”
The trio even discovered that one hacker was ready to pay the insider “7 figures on a weekly basis” for helping him gaining access to a bank’s computer.
RedOwl and IntSights suggest that corporations should take the insider threat more seriously by making use of IT security systems to carefully monitor their employees without violating their privacy.