We are confronted by so many cyber threat actors, with the primary focus being on external threats, and when it comes to internal threats, the focus is often on internal negligence. But the reality is we are seeing in more and more cases that external threat actors are actually simply corrupting internal staff members, often in trusted IT and security positions, to overcome even the most sophisticated cyber security systems. Considering that many cybercrime groups operate as organised crime groups, which are already willing to use corruption to achieve their aims, it is not surprising that they are willing to engage in corruption to facilitate their cybercrimes. This talk will explore this concept in detail, showing how corruption related to cybercrime works, how organised crime groups identify targets, and talk about a case study that the presenter was involved in, where a cybercrime group used corruption to pull of a major hack of several government departments.