What does this mean and what can you do?
While the world is still deeply immersed in ratifying the new way of working two years since the onset of the COVID-19 pandemic as well as grasping the cyber ramifications of the Russian invasion of Ukraine, a third threat may be going unnoticed.
For organizations innovation is key to stay relevant and succeed in the marketplace and the same goes for the bad guys. Attackers are starting to shift from the typical attack vectors we are used to, and prepared for, and have since started offering incentives to insiders; payment in exchange for access. Attackers are starting to seek out individuals with legitimate access credentials at large organizations across industries to sell their VPN/VDI access. These individuals and groups are not looking for data so it can be believed that they are looking for insider credentials to gain an initial foothold into their targets to exfiltrate data and deploy ransomware payloads.
While it may seem that all is lost, organizations have been heavily investing in insider threat preventative and detective controls to manage this risk. Explore our white paper that covers eight considerations that can be a great starting place to help minimize the potential damage associated with sold accounts.
KPMG professionals are passionate and objective about cyber security. We’re always thinking, sharing and debating. Because when it comes to cyber security, we’re in it together.