
Rise of Darknet Stokes Fear of the Insider - snowy
http://krebsonsecurity.com/2016/06/rise-of-darknet-stokes-fear-of-the-insider/
======
ogn3rd
This really highlights poor working conditions. Stop treating your employees
like they're the stuff stuck on the bottom of your shoe and just maybe they'll
stop looking for ways to get even. It's also why Glassdoor exists.

~~~
pyre
On the other hand, there are sub-par workers that have a higher-than-reality
view of their skills who also get disgruntled that they are not treated like
rockstars.

------
maxander
Or maybe, _just maybe_, you should wonder why your company is full of
disgruntled employees in the first place. Perhaps even listen to their
complaints, if you're really feeling like a radical egalitarian or something.

~~~
grb423
I think even HeavenCo would have one disgruntled employee. And all it takes is
one. This is chilling.

~~~
Aelinsaar
When it's just one though, they stand out and good management can spot them
before a crisis (usually). The issue arises when you have a sea of
disgruntlement, and you have to pick out the one or two who are
_pathological_.

------
willvarfar
Hard not to imagine a "buy our services!" hidden message in this piece; it's
really aimed at budget spenders and not techies.

~~~
thedudemabry
"More serious and expensive offerings apply machine learning to internal human
resources (HR) records, and work to discover and infiltrate online crime
rings."

Their first offering sounds pretty unlikely to yield results and the second
seems ethically dubious to undertake for a single client.

~~~
Bartweiss
If they could turn basic HR records into a detailed threat assessment, they'd
be selling that ML breakthrough to everyone in the world rather than pitching
online scare stories.

I'm betting "apply machine learning to internal... records" looks more like
listing the employees with disciplinary records and going "revoke network
access from these people".

------
hackuser
To a degree these worried companies seem to be overreacting:

* Disgruntled insiders always have been a security threat, and usually the biggest threat.

* If the seller is operating on open markets, even anonymously, the company has much more visibility into what's happening than before, when the transactions were more private (I assume). The markets must have sufficient liquidity (i.e., buyers) for the seller to succeed, so I would guess that only reasonably well-known darknet markets would be used. Just monitor those markets and you know what is being sold and in many cases can narrow down who the seller is or even catch them and the buyer.

* Fear of a sociopathic 'lone wolf' is often exaggerated. Consider the similar reaction to terrorist attacks: People think, 'anyone could buy a gun and shoot up a crowded place', but that's not how it works. Physically, anyone could do it - anyone could drive their car into a crowd, an opportunity that arises billions of times per day - but people don't do it. The evidence is overwhelming: Human behavior is much safer than we fear.

* I suspect some is an overreaction to an unfamiliar new tech with a scary name: The Darknet.

~~~
drvdevd
Interesting take. When I first read this article I admit to buying in to the
sensationalism a bit -- but I'll have to agree with you that The Darknet
really hasn't changed this situation significantly, rather it's just
introduced a more convenient route for would-be malicious insiders.

Also, from another perspective (as you explain), it's actually made it
_easier_ to catch such insiders, due to the open nature of these markets
(regardless of the fact that they're 'Dark' or believed to be anonymous).

------
ocschwar
Seems overly paranoid. The only people who can gain from the leakage of
proprietary data from their competitors also have a lot to lose if they make
use of such data and get caught at it.

~~~
jmcgough
This is almost never about proprietary information. Typically it's accessing
and selling user/cc info, infecting users, or defrauding the company (rebate
scams for fake items).

------
nickpsecurity
In case any are interested, the original model and experiment for a leakers'
market was Tim May's BlackNet as described here:

[http://osaka.law.miami.edu/~froomkin/articles/tcmay.htm](http://osaka.law.miami.edu/~froomkin/articles/tcmay.htm)

Good news he only received a few offers despite all the privacy tech involved.
I wonder what the number would be today. Wikileaks shows it could be
significant.

------
Havoc
Seems to be down. Mirror anyone?

