Local Authority and the Federal Bureau of Investigation (FBI) recently apprehended in Los Angeles airport a 27-year-old Russian National for a violation of conspiracy to cause damage to a protected computer. The conspirator was named Egor Igorevich Kriuchkov, who visited the United States with a tourist visa to personally meet his contact or a rogue employee from the targeted company.
Based on the reported document, Egor has contacted an employee of the targeted company in Nevada and offered a 1-Million-dollar bribe for the assistance needed for his group in Russia to be able to penetrate the system of the unnamed company. From August 1 to 21, Egor and his contact exchange communication through WhatsApp in planning the attack. The planning includes the details of the whole infrastructure of the system and other technical information.
The infection alleged will be in the form of a flash drive or an email that the rogue employee will need to run on his computer.
Once compromised, the group based in Russia will launch a distributed denial of service (DDoS) attack to the targeted company network to make way for the malware to completely infiltrate the whole company network infrastructure. The program is a sort of malware that will be able to steal vital information from the company. In return, the adversaries will make a profit by asking ransom to the victim company. The whole transaction should be amounting to $4 million if the plan goes smoothly. As the rogue employee insider confessed that payment for his aid would be either through cash, cryptocurrency, or guaranteed check.
An in-depth investigation revealed that the Russian threat actors have not just targeted the company in Nevada but also other prominent companies in the United States. It has the same modus operation of baiting an insider and bribing them money in helping them to install their malware onto the targeted system. The group ensures that each insider will not be suspected as the malware itself has a self-destruct program for the originating computer of infection to be untraceable upon security investigation.
Egor was caught upon trying to escape the country from Los Angeles airport when his activities were exposed to the FBI. With help from other contacts, he was able to book a flight. However, he got apprehended due to the effective communication of the authorities.
The information gathered is now being investigated by the FBI and local authorities. Given that another prominent business has been targeted by a known insider from the confiscated evidence, this only shows that cybercriminals are not only relying on the aid of spear-phishing emails, website scanning, and system vulnerability exploitation to get through the victim. Other means, as such, conspiring with an insider is also a possibility as it is deemed a fast and easy way to infiltrate the target. Thus, sanity and loyalty checks, aside from security protocols, are heavily regarded nowadays to ensure that we protect ourselves and the company for any type of intrusion.