In brief: An increasing number of IT executives and employees have received offers to become insiders in ransomware attacks. A study and report highlight the need for both external and internal IT security measures.
Hitachi ID recently published the results of its latest survey of North American businesses on ransomware attacks. In it, 65 percent of respondents say hackers have approached them or their employees to help carry out ransomware schemes on their own companies. According to Hitachi, it’s a 17-percent increase from a November 2021 survey. Only 27 percent of those polled said they had never been approached, and eight percent answered “unsure.”
The attackers try to bribe prospective insiders with payments in cash or Bitcoin, usually amounting to $500,000 or less, but a small percentage are offered over a million. About half report the bribe attempt to federal law enforcement, while 18 percent report them internally and externally. Thirty-eight percent of overall respondents said their companies had been hit with ransomware. Of those who said attackers had approached them with bribes, almost half said they later became victims of ransomware attacks.
Most attacker requests—59 percent—come through email, while the rest are via phone calls and social media. Half of the respondents in the survey said they are equally concerned about internal and external security threats, while a little more than a third said they’re only worried about external threats.