Disgruntled Employees Stealing Credentials
Hackers are increasingly going after disgruntled employees and asking them to share their credentials in exchange for a share of the proceeds from the attack, said Petko Stoyanov, Forcepoint’s global chief technology officer. Employees are typically offered unfettered access inside the company’s IT systems on their first day of work, meaning that outsiders can take advantage of that access.
Businesses should understand what the legal and cyberinsurance ramifications would be if a disgruntled employee shared their two-factor authentication with a threat actor, Stoyanov said. Companies can limit their exposure to malicious insiders by granting employees credentials with just-in-time access to only the applications that are critical to their day-to-day job responsibilities.
Disgruntled employees leaking credentials is most likely to happen in emerging countries where employees are treated more like contractors and there aren’t any copyright protections in place, according to Stoyanov. Businesses could find themselves in a particularly precarious position if an admin decided to share with a threat group the credentials for all the company’s employees, he said.
