Ransomware rebels: threat actors recruiting insiders for ransomware attacks

Published 08/12/2021, 9:00am

Insider threats have always been a worry for corporations, and now threat actors are upping the ante by offering employees a million-dollar payment to help them breach corporate networks.

In June 2021, security researchers observed that the LockBit ransomware gang had launched their LockBit 2.0 ransomware-as-a-service operation. The relaunch (complete with a redesigned site and sophisticated graphics) offered numerous advanced features, as well as new promotional wallpaper on encrypted devices advertising how employees can earn a million dollars by providing insider information.

Researchers point out that while the message may seem counterintuitive (since it appears on the screens of employees at companies that have already been breached), it is probably targeted at external IT consultants who may see the message when responding to the attack.

Next Steps

It’s no secret that ransomware attacks are on the upswing. To prevent attacks and any potential insider threats, cybersecurity professionals urge businesses to patch bugs and vulnerabilities immediately. If organizations believe they have been victims of a ransomware attack, they are urged to work with a professional and trustworthy ransomware investigation and response team.