"Hunting Insider Threats on the Dark Web"

Malicious employees have been found to be responsible for 20 percent of security incidents. Attacks carried out by insiders are 10 times larger, on average, than those carried out by external actors. All organizations should monitor marketplaces, forums, and social media channels for conversations about their company to reduce insider threats. This enables them to detect early signs of an impending attack, such as cybercriminals seeking insider information or disgruntled employees making derogatory remarks. This monitoring must also include the dark web, which is a gold mine for cybercriminals doing reconnaissance on companies since threat actors believe they are beyond the reach of law enforcement and cybersecurity professionals. Companies that threat model for malicious insiders must understand where their infrastructure is the most vulnerable, what assets they have that are the most valuable, and which techniques threat actors commonly employ. Insight into the dark web can help organizations determine how criminals conduct reconnaissance and use malicious insiders, which can help bolster their defense strategies. This article continues to discuss the different types of insider threats and threat modeling for malicious insiders.

Dark Reading reports "Hunting Insider Threats on the Dark Web"