fbpx
Search
Close this search box.

Insider Threat Risks to Your Business

Building blocks arranged to spell RISK within a series of wood blocks.

Managers are well aware of the threats posted by hackers and cybercriminals to their networks, and most are taking steps to secure their organizations and to ward off these outside threats. However, sometimes the biggest threat to your company comes from within the walls of your office. A recent study funded by the U.S. Department of Homeland Security, the U.S. Secret Service, and the CERT Insider Threat Center at Carnegie Mellon University’s Software Engineering Institute found that malicious insiders within the financial industry often get away with fraud for nearly 32 months before they are detected. At a February presentation at RSA Conference 2013, Dawn Cappelli of the CERT Insider Threat Center presented several instances in which current and former employees damaged companies by planting malware, stealing corporate data, or colluding with outsiders to commit fraud. In fact, the center has tracked 800 insider threat cases since 2001.

Types of Insider Threats to Watch Out For

According to Cappelli, certain employees often are involved in a range of scenarios: Cases involving intellectual property theft, such as business plans or source code, often involve a former employee who worked on the project. Often, these culprits save company information on a USB drive and are never caught. In cases of sabotage, highly technical employees, such as system administrators who become disgruntled after being fired, often set up an attack before leaving the company. Fraud cases typically involve lower-level support employees, such as help desk personnel, who conspire with outsiders.

Potential Sources of Insider Threats

Companies that use file services like Dropbox and virtual machines should be careful, as employees can use these to exfiltrate information. One case Cappelli presented involved a product development manager who had access to clients’ trade secrets. He had access to information on two clients in the semiconductor industry and downloaded 80 documents before leaving the company and taking a job with one of these semiconductor clients. His new employer turned him over to authorities after learning about the breach, including the fact that 18 of the documents belonged to a close competitor. To protect your company from this type of threat, ensure that business partners protect information, audit their controls, and build it into contracts. Another source of potential insider fraud is shared computers. Cappelli spoke of an instance at a university, where two students loaded malware onto publicly accessible computers so they could steal credentials and spy on student records. In another situation at a hospital, a disgruntled security guard, who had a background in system administration, installed malware on systems. He was caught when he posted a video of his work, and another hacker reported him to the FBI. Yet another instance involved a network engineer at a retail company who knew he was going to be fired. He created a VPN token for a fake employee before leaving the company, and then called the company’s help desk pretending to be a new employee requesting a credential activation. After lying low for a few months, the former employee deleted corporate email accounts and virtual machines, creating a major headache for the company. To protect virtual machines, companies can scan memory files and tie virtual environments into existing security systems.

Insider Threat Warning Signs

While these examples of rogue employees wreaking havoc on companies might be scary, they serve as a reminder that threats need not come from outside a business. In a recent Tech Republic article, writer Tom Olzak shares a list of possible signs that an employee is about to go rogue, possibly creating a security risk for your company. His list includes the following: Attempts to circumvent security controls Unexplained, repeated absences on Monday or Friday Pattern of disregard for rule Long-term anger about being passed over for a promotion Pattern of lying and deception of peers or managers Frustration with management for not listening to what the employee considers grave concerns about security or business processes Watch out for these signs that someone may become a threat, and communicate with that employee immediately to attempt to remedy the situation before it spirals out of control. Since employees often hide malicious behaviors from managers, training all employees to watch out for signs of discontent can help with prevention. Providing a way for employees to anonymously report peers can help them look out for your company without fear of being labeled a tattletale.

Corsica Technologies
Corsica provides personalized service and a virtual CIO (vCIO) who serves as a strategic advisor. When it comes to the complex integration of solutions for IT and cybersecurity, the whole is greater than the sum of its parts. We offer cybersecurity solutions, managed services, digital transformation, resale services, and one-off technology projects. Corsica unifies any combination of these services into a complete, seamless solution.

Related Reads

EDI Transactions and Document Types - Corsica Technologies

EDI Transactions: What It Takes To Win

EDI transactions are the lifeblood of processes like order placement, shipping, receiving, claims processing, and more. Across numerous industries, these transactions keep things moving in a way that no other technology can. In fact, you could say EDI solutions make

Read more
EDI 856 - Advance shipment notice - Corsica Technologies

EDI 856: Getting Your Advance Shipment Notices Right

Shipping and logistics get complicated when you have sensitive products and limited warehouse space. How do you ensure the warehouse is ready to receive a shipment—and ready to handle time-sensitive products appropriately? An EDI 856 document solves this problem. This

Read more
Cloud Data Integratoin: Power vs. ease of support - Corsica Technologies

Cloud Data Integration: Power vs Ease Of Support

It’s essential for cloud systems to talk to each other. If they don’t, data can become siloed, without widespread availability across the organization. But cloud systems introduce their own complexities that are different from on-premises systems. How do you choose

Read more

Sign Up For Our Newsletter

Stay up-to-date on the Managed Services and Cybersecurity landscape, and be the first to find out about events and special offers.