In 2019, system administrators stole about a third of the personal information sold on DarkNet. The Izvestia newspaper writes about a new leak method based on a study by DeviceLock, a cybersecurity company.
According to Radio Sputnik, IT specialists came under suspicion due to unloading from access control systems, presence of service fields in the merged tables, and the presence of a full backup with a large number of lines.
Moreover, it was possible to establish that this type of information theft accounts for 2% of the total number of theft of user data. And the volume of information obtained through this channel may approach 25-30 percent.
Ashot Hovhannisyan, the technical director of DeviceLock, assures that banks themselves create provocations, engaged in digitalization and the development of financial technologies.
In turn, the director of the information security department of Rosbank, Mikhail Ivanov, explained that system administrators really have access to personal data of clients, since without systems from IT people such systems cannot work for a long time. He emphasized that personal data become known to third parties only with the consent of the customers of the credit institution. However, the bank cannot be responsible for the safety of information in other companies.
Sergei Golovanov, a leading antivirus expert at Kaspersky Lab, is confident that leaks are often caused by system administrators who can do this intentionally or unknowingly.
Positive Technologies Methodology and Standardization Director Dmitry Kuznetsov added that protection from IT specialists requires painstaking work to differentiate responsibilities. According to him, many organizations focus on increasing the loyalty of system administrators.
Earlier, Sputnik radio reported that a blogger in the United States with a gun wanted to buy the desired domain.