Major Hacking incident has taken shape of global cyber espionage

Recent hacking campaigns reveal a lot and here is what we should know about hacking activities which reveal how cyber criminals are changing tactics to break into companies network and steal information.

• Hackers are now targeting employees who are disgruntled workers meaning not so satisfied.
• These employees are open to assisting with cyber-attacks through authorized access into their employer’s digital systems as per research. 
• Research reveal defense companies are one of the prime target including hiring processes and their employees.
• Hackers have become a key target of state-sponsored cyber-espionage campaigns, according to a report from Google released before the Munich Security Conference.
• The threat landscape is vast when insider threat comes in question spanning from retail, manufacturing, telecommunications, defense, IT etc.

The report catalogues a “relentless barrage of cyber operations”, most by state-sponsored groups, against EU and US industrial supply chains. It suggests the range of targets for these hackers has grown to encompass the broader industrial base of the US and Europe –from German aerospace firms to UK carmakers.

Organizations face an elevated risk via Insider Threat

Employees hired who can be prime targets for hackers are mostly not happy and satisfied with pay offs and risk of insider threat is growing as hackers spread their tentacles targeting these employees. Luring workers by offering a a share of ransomware payoffs or stolen data sales for their services.

“The lure of coaxing an employee to betray their allegiance is the holy grail for bad actors,” said Mike McPherson, senior vice president of security operations at cybersecurity firm ReliaQuest.

Check Point Research (CPR) researchers note that the rewards for these employees can be quite high; payouts for one-time access or specific files generally range between $3,000 and $15,000.

According to the report, these groups are targeting employees mostly from verticals like banks, telecom, and tech firms to get direct access to private networks and customer information. Basically luring inside staff to sell out information and the payouts are lucrative.

An insider threat is any threat to an organization’s security that comes from within. It could be a disgruntled employee, a careless contractor or a third-party partner with too much access.

Insiders already have access to sensitive systems and data, which makes them uniquely positioned to cause harm whether intentional or accidental.

Major Hacking incident has taken shape of global cyber espionage

As per google, hackers are targeting defense companies and their hiring processes including employees. These are key target of state-sponsored cyber-espionage campaigns, according to a report from Google released before the Munich Security Conference.

The report catalogues a “relentless barrage of cyber operations”, most by state-sponsored groups, against EU and US industrial supply chains. It suggests the range of targets for these hackers has grown to encompass the broader industrial base of the US and Europe –from German aerospace firms to UK carmakers.

Across global defense and aerospace firms, are being directly targeted mostly employees and exploitation of the hiring process has emerged as a key theme. From the North Korean IT worker threat, to the spoofing of recruitment portals by Iranian espionage actors, to the direct targeting of defense contractors’ personal emails as per Google Threat Intelligence (GTIG) report.

A recent attack by a group linked to Russian intelligence indicates how broad the net has become. Hackers appeared to try to steal information by spoofing the websites of hundreds of leading defence contractors from the UK, the US, Germany, France, Sweden, Norway, Ukraine, Turkey, and South Korea.

They continues to observe a multifaceted threat landscape that centers around personnel, and often in a manner that evades traditional enterprise security visibility.    

Understanding the red flags of Insider threat

Understanding insider threat and red flags will take to analyze via layered approach when it comes to
insider threat indicators. This will include monitoring for both technical and behavioral signals. While some organizations incorporate background check for anomalies or personal stressors like financial hardship as one of the red flags.
These factors are supporting factors and the ultimate aim remains detecting intent of persons while hiring many of the factors may not be revealed. These may include behavioral indicators like increasingly impulsive or erratic behavior or noncompliance with rules and policies.

Sources: Insider Threat: Hackers Paying Company Insiders to Bypass Security

Source: https://www.theguardian.com/world/2026/feb/10/state-sponsored-hackers-targeting-defence-sector-employees-google-says