Insider Threat

How the Dark Web Presents New Insider Threats

Carnegie Mellon's Michael Theis Offers Update on Latest Trends

Organizations in all sectors need to be aware of newly emerging insider threats, including those tied to the dark web, says Michael Theis of Carnegie Mellon's CERT Insider Threat Center.

See Also: Preparing for New Cybersecurity Reporting Requirements

"Recently, there's been some research that's shown that [criminals on] the dark web have been reaching out to insiders to buy their login credentials or get them to sell intellectual property," Theis says. "On the other side, we've seen insiders looking for extra money going to the dark web looking to sell their login credentials."

Another emerging threat, Theis says, is ransomware designed to steal intellectual property, rather than earn a ransom payment. The criminals use the malware to encrypt data and then extort insiders to release certain IP in exchange for decryption.

To battle these and other emerging insider threats, organizations must educate staff about the latest cyberattack trends and, as always, limit the amount of data users can access with their credentials, Theis stresses.

In a video interview at Information Security Media Group's recent Healthcare Security Summit in New York, Theis also:

  • Discusses why the healthcare sector is a prime target for cyberattacks;
  • Stresses the need to "bake in security" when developing internet-of-things devices.

Theis is chief counterintelligence expert at Carnegie Mellon's CERT Insider Threat Center. He has more than 25 years of experience as a counterintelligence supervisory special agent supporting the U.S. intelligence community, and more than 30 years of concurrent computer systems engineering experience. At Carnegie Mellon's CERT Insider Threat Center, Theis focuses on research and development of socio-technical controls in computational endoparacology. Previously, he was the first cyber counterintelligence program manager for the National Reconnaissance Office, where he served as chief of cyber-CI investigations and operations for more than six years.


About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.