New Attack Asks Employees To Infect Work Computers for a Cut of the Ransom

Ransomware attacks are on the rise and as prevalent as ever. As they steamroll ahead, with cybersecurity teams and the government trying to stay one step forward, attackers continue to evolve with new strategies to make a buck any way that they can.

The latest is this: cybercriminals have been directly emailing employees and asking them to unleash malware inside their employer’s network in exchange for a commission of sorts—the hackers will pay the employee a portion of the ransom paid by the victim company (reference). This latest strategy proves attackers will continue evolving to attack profitable enterprises in pursuit of million-dollar ransoms. 

Here’s an example of what to look out for: 

In the example above, an employee was offered 40% of a million-dollar ransom in exchange for launching malware on his employer’s network, according to threat intelligence agency Abnormal Security.

Here’s What to Watch Out For

While many employees will recognize ill intentions, decline the offer, and report the attempt to your IT security team, some other employees may consider it. For disgruntled or unhappy employees, such an offer can serve as an opportunity.

As an employer, part of proactive IT security means identifying that employees can be a risk entry point. As much as you may not want to consider that an employee would be disloyal, refusing to acknowledge this potential risk could open you up to unnecessary cybersecurity risks.

Is this a new problem?

Unfortunately, no — this is not a new problem. While cybercriminals may be new to the idea, organizations have long since fallen victim to disgruntled employees, both present and past. As always, be sure you are performing proper offboarding for former employees to protect your organization. Be sure network access is revoked, necessary passwords are changed, and account logins are eliminated. Check out our related blog: 10 Steps to Proper Employee Offboarding for IT Security.

If you have questions or need help building a successful IT infrastructure to protect your organization, reach out to PK Tech here.