The cybersecurity landscape is always in flux, with risk ebbing and flowing around various threats based on market opportunity, success rates and a host of smaller (and sometimes unpredictable) factors that drive cybercrime trends. While it can be a challenge to try to keep an eye on those trends to determine what hazards businesses might be looking at in the near future, there are a few standouts right now. Exploring hazards like cryptocurrency risk and making sure that they’re on the radar of cybersecurity teams can give businesses a valuable edge in staying a step ahead of cybercriminals.

No one wants to believe that someone on their team may not actually have the best interests of that team at heart, but sadly, malicious insider risk is a specter that haunts every organization. It’s also a growing area of danger for businesses. Insider threat risk rose about 40% in 2020, tripling in the last three years, with malicious insider actions responsible for almost 25% of confirmed breaches. What’s driving this increase in malicious insider threats? Money. Economic challenges, increased opportunity due to remote work and a thriving dark web economy that’s paying top dollar for employee credentials and company data plus cryptocurrency risk created by easy, profitable cryptoming is a mix that is proving too tempting for many employees to pass up. 

The Verizon/Ponemon Institute Data Breach Investigations Report 2021 breaks down the reasoning behind incidents like credential compromise, malware and data theft that resulted from the actions of malicious employees. An estimated 70% of malicious insider breaches are financially motivated, chiefly through employees selling credentials or access to systems and data on the dark web. In economically challenging times like these, that fact needs to be top of mind for anyone who is working on defensive strategies to combat insider threat risks. It’s also worth considering cryptocurrency risk as part of your money-motivated malicious insider threat calculation too since crypto mining and bot deployment are very lucrative. Another 25% of the malicious insider incidents surveyed were motivated by espionage, like selling formulas, sensitive data or company secrets. The final cause of malicious insider incidents, around 4% was vengeance by angry employees who just wanted to damage the company. 

Cryptocurrency & Cryptomining

You might not be considering cryptocurrency risk or cryptomining a threat to business cybersecurity, but you’d be dangerously wrong. In the recently released 2021 Cisco Cyber Security Threat Trends report, cryptomining was highlighted as a sneaky risk because of the traffic it generates and the people involved in doing it. Almost 70% of organizations experienced some level of unsolicited cryptomining. This is a particularly important risk to not overlook cryptocurrency risk since cryptomining is often a gateway to other serious and damaging cybercrimes that can do massive damage to an organization. The report also notes that the discovery of cryptomining in a company’s IT environment can indicate the presence of a bad actor. That could be a cybercriminal who has penetrated security and may then exfiltrate data or deploy ransomware or even a malicious insider that has set up a miner to earn extra income. Cryptomining can also threaten business IT through the actions of non-malicious insiders. 

Cryptocurrency is the preferred form of payment for everything on the dark web, and those who do business there are constantly looking for resources that they can abuse to gain more. That presents myriad risks for businesses. Malicious insiders can install cryptomining apps on company devices. That’s risky because many cryptomining apps are actually scams, but it may still be worth taking a chance on for some employees. Company devices can also be infested with cryptomining through non-malicious employee actions like installing games or utility apps. Employees who are hungry for extra income can manipulate their company’s IT environment in a number of dangerous ways to facilitate cryptomining, but they can also earn a handsome payment without going to all of that trouble through the booming cybercrime-as-a-service economy, which is nearly entirely fueled by cryptocurrency.  

Source: ID Agent