Share
))
HBO and The Ringer's Bill Simmons hosts the most downloaded sports podcast of all time, with a rotating crew of celebrities, athletes, and media staples, as well as mainstays like Cousin Sal, Joe House, and a slew of other friends and family members who always happen to be suspiciously available.
…
continue reading
Manage episode 522283610 series 3625301
Content provided by Chatcyberside. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Chatcyberside or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.
Insider threats are accelerating across every sector. In this episode, Sherri and Matt unpack the CrowdStrike insider leak, the two DigitalMint employees indicted for BlackCat ransomware activity, and Tesla’s multi-year insider incidents ranging from nation-state bribery to post-termination extortion. They also examine the 2025 crackdown on North Korean operatives who used stolen identities and deepfake interviews to get hired as remote workers inside U.S. companies. Together, these cases reveal how attackers are buying, recruiting, impersonating, and embedding insiders — and why organizations must rethink how they detect and manage trusted access.
Key Takeaways
- Build a culture of ethics and make legal consequences explicit.
Use real cases — Tesla, CrowdStrike, DigitalMint — to show employees that insider misconduct leads to indictments and prison time. Clear messaging, training, and leadership visibility reinforce deterrence. - Enforce least-privilege access and conduct quarterly access reviews.
Limit who can view or modify sensitive dashboards, admin tools, and SSO consoles. Regular recertification ensures employees only retain the permissions they legitimately need. - Deploy screenshot prevention and data-leak controls across critical systems.
Implement watermarking, VDI/browser isolation, screenshot detection, and DLP/CASB rules to deter and detect unauthorized capture or exfiltration of sensitive data. - Strengthen identity verification for remote and distributed employees.
Use periodic identity rechecks and require company-managed, attested devices for sensitive roles. Prohibit personal-device access for privileged work to reduce impersonation risk. - Monitor high-risk users with behavior and anomaly analytics.
Flag unusual patterns such as off-hours access, atypical data movement, sudden repository interest, or crypto-related activity on work devices. Behavioral analytics helps uncover malicious intent even when credentials appear valid. - Require your vendors to follow the same insider-threat safeguards you use internally.
Ensure MSPs, SaaS providers, IR partners, and software vendors enforce strong access controls, identity verification, monitoring, and device security. Vendor insiders can quickly become your insiders.
Resources:
- TechCrunch – CrowdStrike insider leak coverage: https://techcrunch.com/2025/11/21/crowdstrike-fires-suspicious-insider-who-passed-information-to-hackers/
- Reuters – DigitalMint ransomware indictment reporting: https://www.reuters.com/legal/government/us-prosecutors-say-cybersecurity-pros-ran-cybercrime-operation-2025-11-03/
- BleepingComputer – North Korean fake remote worker scheme: https://www.bleepingcomputer.com/news/security/us-arrests-key-facilitator-in-north-korean-it-worker-fraud-scheme/
- “Ransomware and Cyber Extortion: Response and Prevention” (Book by Sherri & Matt & Karen): https://www.amazon.com/Ransomware-Cyber-Extortion-Response-Prevention-ebook/dp/B09RV4FPP9
- LMG’s Hiring Security Checklist: https://www.lmgsecurity.com/resources/hiring-security-checklist/
Want to attend a live version of Cyberside Chats? Visit us at https://www.lmgsecurity.com/lmg-resources/cyberside-chats-podcast/ to register for our next monthly live session.
#insiderthreat #cybersecurity #cyberaware #cybersidechats #ransomware #ransomwareattack #crowdstrike #DigitalMint #tesla #remotework
48 episodes
