Cybercriminals Select Insiders To Attack Telecom Providers

An anonymous reader quotes a report from Help Net Security: Cybercriminals are using insiders to gain access to telecommunications networks and subscriber data, according to Kaspersky Lab. In addition, these criminals are also recruiting disillusioned employees through underground channels and blackmailing staff using compromising information gathered from open sources...

According to Kaspersky Lab researchers, if an attack on a cellular service provider is planned, criminals will seek out employees who can provide fast track access to subscriber and company data or SIM card duplication/illegal reissuing. If the target is an Internet service provider, the attackers will try to identify the employees who can enable network mapping and man-in-the-middle attacks.

Re:It's silly to think that...

[Archtech]

Throughout the later 1990s I gave talks about software security and predicted exactly this. The vast majority of "hackers" (i.e. attackers) in those days were just doing it for fun, to prove themselves, to impress their friends, or whatever. I always ended my talks by warning the audience that this "Garden of Eden" period wouldn't last. Given the large numbers of serious, dedicated criminals out there - not to mention terrorists and national aggressors - it would only be a matter of time before the techniques that had already been demonstrated without the infliction of much harm would be adopted by REAL attackers. And then the suffering would commence, on an industrial scale. Like industrial civilization itself, the Internet is just one enormous fragile target.

The amazing thing is that it's taken so long.

Thanks to H1Bs

[nehumanuscrede]

It won't even cost that much to bribe an insider.

A native worker is expensive, but an offshore type who is brought in to replace the expensive folks. . . . not so much.

Start offering the folks who make $20 / day $50,000 and watch how fast your networks fall.