By Milica D. Djekic
The information could be shared through many different means and right here we would discuss how they can leak out from some organization using insider’s threat sources. The insider’s threats are those people within your business who are willing to release the confidential information to some criminal or terrorist network being present outside.
They may spy on the rest of the enterprise or even steal some valuable objects from there and take them out to their contacts. Through this article, we would analyze which methods of information sharing are most typical to a modern business environment.
Right here we would mention how information could be stolen from some organization. It’s important to know that in case of cyberspace operation – there could be used plenty of social engineering tactics. So, the methods are as follows:
- The e-mail correspondence: Much confidential information could get stolen and forwarded to an external threat using the email accounts. This method could get classified as quite old-fashioned because the majority of Police Forces are trained to confirm that communication line. In order to trick the authorities, the threats would use their private accounts and try to appear as peaceful as possible at their work. Luckily, even those cases are resolvable to the majority of Police Forces.
- Skype communication: The majority of critical information could leak out through the Skype messenger. The insider’s threat could use his private Skype account or add a private contact to Skype for business. It’s clear that during the working hours being spent in the office – the staff is obligated to get online in sense of the Skype’s communication, so it’s logical that the insider’s threat would simply add the private contact on. This scenario is well-known to the authorities, so it’s not that hard to resolve such a case.
- The Darknet communication: The professional threats would usually maintain their communication and do information exchange using some of the Darknet systems. It’s not a rare case that the threat would create several Darknet accounts in order to make the investigation being much harder for the authorities. Also, the security challenges would use fake identities and so commonly share the information through Darknet e-mails, chat services, forums, discussion groups and so on. We believe that modern authorities can cope even with this scenario because it’s something we would meet in a practice so often.
- The mobile technologies: In some cases, the threats would rely on mobile technologies and use phone calls, text messages or web applications to exchange the information. Anyway, they would leave a trace – so, this case got a good perspective to get resolved so far.
- The hacker’s support: So commonly, the insider’s threats would deal with the hacker’s support. It’s well-known that hackers could steal the information from any computer so secretly, but sometimes they would need the assistance of people being inside the organization. This scenario would begin as a usual phishing campaign and some of the employees would click on the suspicious link and make the entire network getting visible to the hackers. In the majority of cases, the computers within a network would not have the valuable data, so some of the local criminals would track the potential target and make a contact in order to recruit that person to serve as an insider’s threat. The today’s hacker’s tools would get a remote administration option, so the insider’s threat would receive the instructions directly on their screen – either as a chat message or as skillfully prepared file. This sort of scenario would also deal with the trace, so we believe that the modern authorities could cope with such a case.
- The meetings in person: Sometimes it can happen that the insider’s threats would get organized to meet in person with their criminal or terrorist contacts in order to talk to them directly or provide them something being so valuable. This type of scenario could also be discovered and proved for a reason the bad guys would carry on their cell phones and leave some sort of the route that can be traced.
This article provides some of the typical cases being present in modern criminology and describes how those examples could get handled in a practice. We hope there would be more research attempts that would try to investigate this topic deeper.
About The Author
Since Milica Djekic graduated at the Department of Control Engineering at University of Belgrade, Serbia, she’s been an engineer with a passion for cryptography, cybersecurity, and wireless systems. Milica is a researcher from Subotica, Serbia. She also serves as a Reviewer at the Journal of Computer Sciences and Applications and.
She writes for American and Asia-Pacific security magazines. She is a volunteer with the American corner of Subotica as well as a lecturer with the local engineering society.