Employees enticed to deploy ransomware


Recent news of a novel type of ransomware attempt has raised an urgency to address the need for safe and ethical cyber practices. 

Cybercriminals are now attempting to use employees within an organization to plant ransomware on its network. Trying to exploit the human impulse on acquisitiveness and leverage insiders to break an organization's cyber-resilience, attackers offer a high amount of money to employees to work for them.

Black Kingdom Ransomware Attempt Through Employees:

Recently a Nigerian hacker offered $1 Million in Bitcoin to employees to install ransomware called the Black Kingdom on their organization's networks. In Black Kingdom or DenomWare ransomware, the attackers exploited the ProxyLogon Flaws within Microsoft Exchange Servers to malign unpatched systems. While the Black Kingdom ransomware is one instance, attackers are continually evolving with their cyberattack strategies and targeting organizations of high stature to extract money and information
Cyber security practices are getting sophisticated. Advanced technology and tools back threat detection and help in evading attacks. Still, humans remain the weakest link in cyber security and cyber criminals catapult their ways to benefit from this insider threat.

This is not the first attempt of luring employees to be insider threat. Previously Lockbit 2.0 ransomware-as-a-service gang included a solicitation for insiders in the desktop wallpaper on systems encrypted with the malware.

The BlackMatter ransomware gang kicked off its presence on the cybercrime forums with the thread, “Buying/monetizing your access to corporate networks.” This post is advertisement for employees willing to be insider threat for information sharing and actual malware deployment.

Act with Caution:  

It is thus critical for bank employees at all levels to recognize the severity of such attacks and follow caution in responding to any such requests. Leakage of sensitive data or compromise of the security of the banking systems can be highly damaging for the brand and lead to legal complications.

SecurityAdvisor Employee Tips:
Be a line of defence, not an insider threat.
Report any communication offering insider threat lures to company’s IT department
Do not share sensitive information on social media

Learn how SecurityAdvisor can help your team

Schedule some time to talk with one of our experts and they will show you how we can help your organization.

Request A Demo