Rogue employees are always an imminent threat to a company’s assets regardless of how much paperwork and preventative legal barriers are put in place to prevent it.
Especially prominent in the corporate world, insider threats can cause a significant amount of damage not only to the company’s assets and vital databases, but also to its reputation.
Add one or two unscrupulous deep web criminals in the mix, and the result is a recipe for disaster.
As much as the above scenario is one that every company would not want to turn into a reality, the truth is that hackers are becoming increasingly encouraged to forge alliances with employees in their bid to steal vital information from companies.
Contrary to what many might think, weaponizing these employees is simpler than most would anticipate.
A tantalizing lure is almost always all that is needed for company employees to aid these deep web hackers in their unethical quests to steal company assets and information.
And as terrible as things seem now, experts predict a rapid rise in the number of insider threats within every industry in the coming years.
Insider Trading Rapidly Gaining Popularity on the Deep Web
Succinctly captured in the joint report “The Growing Symbiosis of Insiders and the Dark Web,” co-authored by RedOwl members Tim Condello and David Pogemiller and IntSights member IdoWulkam, is the rise of insider trading activity captured on the deep web.
The trading itself takes place in small, private forums where the insiders’ reputations are based on the quality of their leaked information.
Often, the only way to gain membership into these deep web insider trading groups is to leak company information that should prove to be valid after verification.
The KickAss Marketplace on the deep web has a prominent insider trading presence.
Although it is only a year old, business is apparently booming.
Dealing in anything stock market-related, including the foreign exchange, business remodeling, and prices of various commodities, it is by far one of the most active and lucrative deep web insider markets at the moment.
A KickAss membership goes for 1BTC (approximately $950 USD).
The protocol for trading stolen information is fairly clear-cut: after the member posts his/her information on the forum, he/she waits for verification before the remuneration is paid out.
As is becoming de rigueur with the criminal underworld that is the dark web, such protocols are taken very seriously.
The Lucrative Payouts
KickAss is an adequate benchmark when it comes to deep web insider markets, given that there are regular posts every week.
On average, five posts worth of transactions of roughly 40BTC ($38,500 USD) are available on a weekly basis.
According to the KickAss group administrator, the insiders can make an upwards of $5,000 per month solely on leaking crucial company information.
High Profile Member Lists
Surprisingly, the members of these deep web insider trading groups are reputable, high-profile individuals specialized in areas such as stock analysis and investment firm management.
Based on the nature of their day jobs, it would be safe to assume that most of them are not hard-pressed for cash.
These characters from different walks of life meet up on these dark web platforms for the sole purpose of illegally selling sensitive company data.
As a matter of fact, The Stock Insiders forum is one that conducts these activities with the pomposity of a high-end legitimate stock-trading forum.
Deep Web Hackers Lure Employees with A lot of Money
Approaching an employee in a high end firm could have a lot of benefits for the deep web hacker.
As such, convincing them takes more than just a few thousand dollars in remuneration.
In one particular case in which the attacker requested to be granted direct access to computers responsible for carrying out wire transfers and account accesses, the rogue employee was offered a seven-figure reward on a weekly basis.
Money is and will remain the biggest motivator in these instances.
Deep web hackers find it a lot easier to link up with rogue employees rather than circumvent numerous elaborate security measures—a process that can be more expensive than paying an insider and less reliable—in order to access valuable company information.
As companies struggle to develop a culture of reliability and responsibility among their employees, there is still a mountain to climb in terms of monitoring and regulating employee behaviors.
At the moment, however, deep web hackers seem to have a better understanding of human nature than most companies do.