Faithful allies turned digital foes

In a recent report, Check Point Research warned that insiders, including employees and hacker groups, are offering their services to cybercriminals on the darknet. The darknet provides a near-perfect level of anonymity, making it an ideal space for cybercriminals to find collaborators who can help them attack organizations from the inside. Job offers on the darknet range from hacking and data theft to malware deployment and ransomware campaigns. Insiders are valuable to cybercriminals because they have access to critical information and can weaken security measures from within. Cybercriminals often entice insiders with financial incentives and specialized training to maximize the extent of harm caused. Insider services are not only sought after by cybercriminals, but insiders are also proactively offering their services, such as SIM card swapping and other illegal activities. Engaging with cybercriminals as insiders carries significant risks, including criminal prosecution and damage to one’s professional reputation, but there are corresponding rewards in the form of direct payments or a share of the profits from stolen data. According to the Ponemon Institute’s “Cost of Insider Threats Global Report,” the average cost per incident related to an insider in 2021 was estimated to be $15.38 million.