|
Insider Threat. Definition, Types, Examples and Prevention Strategies
|
Posts: 12,911
Threads: 8,882
Thanks Received: 8,764 in 6,923 posts
Thanks Given: 9,657
Joined: 12 September 18
30 September 21, 11:27
Quote:
You might think that you’re taking all security measures to protect your company, but have you ever considered that the danger might come from within? Insider threat is a very serious menace, as many big organizations have discovered on their own.
What Is an Insider Threat?
The term insider threat refers to the threats that organizations face from employees, former employees, business associates, or contractors. These people have access to inside information related to the company’s data, computer systems, security practices, so any fraud, theft or sabotage on their part would hover over the organization’s security.
The malicious insiders’ cybercrimes can include espionage, unauthorized disclosure of information, information technology sabotage, loss or degradation of the organization’s resources.
You might think that you’re taking all security measures to protect your company, but have you ever considered that the danger might come from within?
Insider threat is a very serious menace, as many big organizations have discovered on their own.
What Is an Insider Threat?
The term insider threat refers to the threats that organizations face from employees, former employees, business associates, or contractors. These people have access to inside information related to the company’s data, computer systems, security practices, so any fraud, theft or sabotage on their part would hover over the organization’s security.
The malicious insiders’ cybercrimes can include espionage, unauthorized disclosure of information, information technology sabotage, loss or degradation of the organization’s resources.
According to the FBI, the malicious insiders’ motivations can be personal or organizational:
Quote:Personal Factors
[…]
Greed or Financial Need: A belief that money can fix anything. Excessive debt or overwhelming expenses.
Anger/Revenge: Disgruntlement to the point of wanting to retaliate against the organization.
Problems at work: A lack of recognition, disagreements with co-workers or managers, dissatisfaction with the job, a pending layoff. […]
Ego/Self-image: An “above the rules” attitude, or desire to repair wounds to their self-esteem. Vulnerability to flattery or the promise of a better job. Often coupled with Anger/Revenge or Adventure/Thrill. […]
Compulsive and destructive behaviour: Drug or alcohol abuse, or other addictive behaviours.
Family problems: Marital conflicts or separation from loved ones.
Organizational Factors
[…]
The availability and ease of acquiring proprietary, classified, or other protected materials. Providing access privileges to those who do not need it.
Proprietary or classified information is not labelled as such or is incorrectly labelled.
The ease that someone may exit the facility (or network system) with proprietary, classified or other protected materials.
Undefined policies regarding working from home on projects of a sensitive or proprietary nature. […]
Employees are not trained on how to properly protect proprietary information.
Types of Insider Threats
When it comes to the usual suspects, the press usually points out two types of insider threats: malicious insiders/turncoats and negligent insiders/pawns.
Malicious insiders deliberately steal data. Whatever their reasons might be, they will exfiltrate valuable data like financial or personally identifiable information through various means. They can create backdoors and install remote network administration tools, install malware or other unauthorized software, disable antivirus software and change passwords etc.
Negligent insiders simply refer to regular employees that make mistakes like sending an email with sensitive information to the wrong person, fall for a clever phishing or spearphishing attack, or lose access to their work accounts or devices. Insider Threat IndicatorsAs FBI notes, the clues that point to an insider threat are:
Quote:Without need or authorization, takes proprietary or another material home via documents, thumb drives, computer disks, or e-mail. Inappropriately seeks or obtains proprietary or classified information on subjects not related to their work duties.
Interest in matters outside the scope of their duties, particularly those of interest to foreign entities or business competitors.
Unnecessarily copies material, especially if it is proprietary or classified.
Remotely accesses the computer network while on vacation, sick leave, or at other odd times. […]
Works odd hours without authorization; notable enthusiasm for overtime work, weekend work, or unusual schedules when clandestine activities could be more easily conducted. […]
Overwhelmed by life crises or career disappointments.
Insider Threat Examples
Sage
The Microsoft data breach happened because, at the beginning of December 2019, the employees misconfigured the security rules of a new version of Azure and the access to the database wasn’t protected with a password or two-factor authentication.
The leaked data didn’t contain any personally identifiable information and Microsoft secured the database as soon as they discovered it and notified the affected users, so the company didn’t suffer any fines or penalties.
...
Continue Reading
|
Users browsing this thread: 1 Guest(s)
|
|
Welcome
|
You have to register before you can post on our site.
|
|
 
|
Insider Threat. Definition, Types, Examples and Prevention Strategies
![[Image: hs-Most-companies-protect-themselves-fro...4F7075.png]](https://heimdalsecurity.com/blog/wp-content/uploads/hs-Most-companies-protect-themselves-from-outside-cybersec_4F7075.png)
![[-]](https://www.geeks.fyi/images/collapse.png "[-]")
