Cyber criminals are recruiting insiders to carry out telco attacks

Cyber criminals are frequently turning to insiders to gain access to telecommunications networks and subscriber data, according to a new report from Kaspersky Lab.

According to the report, 28 per cent of all cyber-attacks and 38 per cent of targeted attacks now involve malicious activity by insiders. 

Telco providers are some of the top targets for cyber-attacks due to the vast amount of confidential data they collect, so criminals are recruiting employees through underground channels or blackmailing staff with compromising information to carry out their attacks.

The blackmailing approach in particular has grown in popularity as a result of breaches that have leaked sensitive or embarrassing data (E.g. the Ashley Madison leak) and insiders are often specifically targeted in order to gain access to the most confidential data or cause the most damage.

“The human factor is often the weakest link in corporate IT security. Technology alone is rarely enough to completely protect the organisation in a world where attackers don’t hesitate to exploit insider vulnerabilities," said Denis Gorchakov, security expert, Kaspersky Lab.

"Companies can start by looking at themselves the way an attacker would. If vacancies carrying your company name, or some of your data, start appearing on underground message boards, then somebody somewhere has you in their sights. The sooner you know about it, the better you can prepare.”

In order to help protect themselves, Kaspersky Lab advises organisations to educate staff about cyber security best practices, restrict access to sensitive data and systems and carry out regular security audits.

 Image source: Shutterstock/Andrea Danti