Public and private sector organization in the US and abroad are increasing their focus on the insider threat. Last week, the Times (United Kingdom) circulated a special report featuring how organizations are using Dtex to counter insider fraud. Based on real-world case studies, the article points out how a wide range of industries are turning to Dtex to gain visibility over their environments in order to reduce related risks. Examples include how banks, government agencies and law firms that specialize in business matters such as M&As recognize that they have malicious insiders that are driving huge costs annually. You can read the full article by picking up a Sept. 6 print edition. If you don’t have access to one, you can read it in full here: Raconteur, Fighting Fraud From Within
The Times isn’t the only organization helping European nations to understand how widespread the insider threat is. Next week, Dtex CEO Christy Wyatt will headline a panel at SINET UK that will feature a number of CISOs talking about how they prioritize threats and technologies. To be held at the British Museum in London, Wyatt will lead panelists and attendees through a discussion that will help sort out the true from the false in a massively crowded market. To learn more about the event and panel, visit the SINET Global Cybersecurity Summit website.
Human Vulnerabilities Continue to Enable Hackers
Last Thursday, the United States Department of Justice (DOJ) unsealed a criminal complaint against Park Jin Hyok, a/k/a Jin Hyok Park. This North Korean citizen stands accused of being involved in a “conspiracy to conduct multiple destructive cyberattacks around the world resulting in damage to massive amounts of computer hardware, and the extensive loss of data, money and other resources.” According to the DOJ press release:
The complaint alleges that Park was a member of a government-sponsored hacking team known to the private sector as the “Lazarus Group,” and worked for a North Korean government front company, Chosun Expo Joint Venture (a/k/a Korea Expo Joint Venture or “KEJV”), to support the DPRK government’s malicious cyber actions.
The Conspiracy’s malicious activities include the creation of the malware used in the 2017 WannaCry 2.0 global ransomware attack; the 2016 theft of $81 million from Bangladesh Bank; the 2014 attack on Sony Pictures Entertainment (SPE); and numerous other attacks or intrusions on the entertainment, financial services, defense, technology, and virtual currency industries, academia, and electric utilities.
The Conspiracy’s methods included spear-phishing campaigns, destructive malware attacks, exfiltration of data, theft of funds from bank accounts, ransomware extortion, and propagating “worm” viruses to create botnets.
In addition to being mentioned six times in the press release, the DOJ mentioned phishing as a primary attack method more than 100 times in the 179-page indictment. This complaint, and several others filed and unsealed recently, shows that even the most dangerous nation-state cyber operators seem to know that run-of-the-mill attack vectors that take advantage of vulnerable humans are what opens the most doors to data and money.
Zero days, ransomware and weaponized malware may be the stuff of great headlines, but nothing seems to pay hackers’ bills like people who are left unprotected. It may go without saying, but we will anyway, that without defense, our most trusted insiders will continue to fall victim to the Park’s of the world.