Expert Speak
Level up Your IT Security: All About Insider Threats

What do a disgruntled former employee and a vindictive associate with access to an organization’s critical data have in common? They are both high-risk insider threats. Although any cyberattack can be difficult to detect, it is especially difficult to spot insider threats. To avoid the brunt of these attacks, it is imperative to know what signs indicate an insider threat and use this to develop a security model that can defend your organization against these threats.
Despite insider threats being one of the top threats to organizations, traditional cybersecurity strategies seldom focus on them. This makes it harder for organizations to understand insider threats and mitigate them. As insider threats can also be a result of accidental misuse, it is crucial to understand the causes and effects of these threats. To mitigate the risks, organizations can implement a few helpful measures.
Protect the organization’s critical assets
Take inventory of all the critical assets in the organization, including intellectual property, information on internal processes, and customer data. This helps you plan, allocate, and revoke privileged access, ensuring that only the right users have access for the right amount of time.
Deploy solutions that can track employee activity around the clock
Collecting logs from employees’ devices helps you analyze employee activity and identify suspicious behavior. For instance, if there is any unusual activity, such as signing in to the network at 3 am or transferring large amounts of data over the network, it will be logged under suspicious activities. This helps you identify and mitigate insider threats effectively.
Enforce strict data protection policies across the organization
Document privacy and privilege management policies for your organization and educate employees about them. Organizations must maintain records of signed copies of employee acknowledgment forms stating that the employees have read and understood those policies.
Use insider threat detection software
ManageEngine ADAudit Plus leverages user behavior analytics to identify insider threats. It monitors privileged users, detects anomalies, and provides visibility into user activity, helping organizations detect every type of insider attack.
Because the repercussions of insider attacks can be disastrous for organizations in terms of financial and reputational losses, organizations must implement effective IT management solutions to identify and mitigate insider threats.
Artificial Intelligence
How AI is Reinventing Cybersecurity for the Automotive Industry

Written by Alain Penel, VP of Middle East, CIS & Turkey at Fortinet (more…)
Cyber Security
Positive Technologies Study Reveals Successful Cyberattacks Nett 5X Profits

Positive Technologies has released a study on the dark web market, analysing prices for illegal cybersecurity services and products, as well as the costs incurred by cybercriminals to carry out attacks. The most expensive type of malware is ransomware, with a median cost of $7,500. Zero-day exploits are particularly valuable, often being sold for millions of dollars. However, the net profit from a successful cyberattack can be five times the cost of organizing it.
Experts estimate that performing a popular phishing attack involving ransomware costs novice cybercriminals at least $20,000. First, hackers rent dedicated servers, subscribe to VPN services, and acquire other tools to build a secure and anonymous IT infrastructure to manage the attack. Attackers also need to acquire the source code of malicious software or subscribe to ready-to-use malware, as well as tools for infiltrating the victim’s system and evading detection by security measures. Moreover, cybercriminals can consult with seasoned experts, purchase access to targeted infrastructures and company data, and escalate privileges within a compromised system. Products and tools are readily available for purchase on the dark web, catering to beginners. The darknet also offers leaked malware along with detailed instructions, making it easier for novice cybercriminals to carry out attacks.
Malware is one of the primary tools in a hacker’s arsenal, with 53% of malware-related ads focused on sales. In 19% of all posts, infostealers designed to steal data are offered. Crypters and code obfuscation tools, used to help attackers hide malware from security tools, are featured in 17% of cases. Additionally, loaders are mentioned in 16% of ads. The median cost of these types of malware stands at $400, $70, and $500, respectively. The most expensive malware is ransomware: its median cost is $7,500, with some offers reaching up to $320,000. Ransomware is primarily distributed through affiliate programs, known as Ransomware-as-a-Service (RaaS), where participants in an attack typically receive 70–90% of the ransom. To become a partner, a criminal must make a contribution of 0.05 Bitcoin (approximately $5,000) and have a solid reputation on the dark web.
Another popular attack tool is exploits: 69% of exploit-related ads focus on sales, with zero-day vulnerability posts accounting for 32% of them. In 31% of cases, the cost of exploits exceeds $20,000 and can reach several million dollars. Access to corporate networks is relatively inexpensive, with 72% of such ads focused on sales, and 62% of them priced at under a thousand dollars. Among cybercriminal services, hacks are the most popular option, accounting for 49% of reports. For example, the price for compromising a personal email account starts at $100, while the cost for a corporate account begins at $200.
Dmitry Streltsov, Threat Analyst at Positive Technologies, says, “On dark web marketplaces, prices are typically determined in one of two ways: either sellers set a fixed price, or auctions are held. Auctions are often used for exclusive items, such as zero-day exploits. The platforms facilitating these deals also generate revenue, often through their own escrow services, which hold the buyer’s funds temporarily until the product or service is confirmed as delivered. On many platforms, these escrow services are managed by either administrators or trusted users with strong reputations. In return, they earn at least 4% of the transaction amount, with the forums setting the rates.”
Considering the cost of tools and services on the dark web, along with the median ransom amount, cybercriminals can achieve a net profit of $100,000–$130,000 from a successful attack—five times the cost of their preparation. For a company, such an incident can result not only in ransom costs but also in massive financial losses due to disrupted business processes. For example, in 2024, due to a ransomware attack, servers of CDK Global were down for two weeks. The company paid cybercriminals $25 million, while the financial losses of dealers due to system downtime exceeded $600 million.
Expert Speak
What the Bybit Hack Reveals About the Future of Crypto Security

Written by Oded Vanunu, Chief Technologist & Head of Product Vulnerability Research at Check Point (more…)
-
Cyber Security1 week ago
Dubai Hosts GISEC 2025, Driving Billion-Dollar Cyber Growth
-
Cyber Security6 days ago
GISEC 2025 Launches OT Security Conference Amid 49% Infrastructure Attack Surge
-
Cyber Security1 week ago
DESC to Highlight Dubai’s Cyber Defense Strategies as GISEC 2025 Government Partner
-
Cyber Security1 week ago
GISEC Global 2025: A Vital Platform to Connect With Customers and Partners in the Region
-
Artificial Intelligence6 days ago
CyberKnight Partners with Ridge Security for AI-Powered Security Validation
-
Cyber Security1 week ago
Inside the Shadowy World of Investment Scams: How Fraudsters Use Facebook and Fake News
-
Cyber Security1 week ago
Rising Cyber Insurance Pressures Push UAE Firms to Fix Identity Silos and AI Vulnerabilities
-
Cyber Security6 days ago
Huawei Experts Reiterate the Importance of a Unified Cybersecurity Foundation at GISEC Global 2025