Insider threats are the main cause of data loss and breaches to e-security, as it is generally accepted that it is easier for an insider to both intentionally and accidentally leak or misuse data because they already have access to the data. It is thus important for all businesses to understand the nature of such insider threats and how to combat them to avoid financial loss and damage to reputation.
Types of insider threats
Negligence and poor training
A vast number of data and security breaches are caused by negligent employees. A mistake is made, a desktop left logged on, or a storage/smart device lost or left in the open. It is in no way intentional, but it can cause serious damage and harm to the business. The act of negligence may allow access to malicious actors intent on causing harm. They can either pick up the device and then hack into it or simply plug in a removable storage device and download what they can from a desktop that’s been left logged on. This negligence is generally also combined with a poor level of training and education around the risks of poor security and perhaps even no consequences for such negligence.
Sabotage (leaving employees)
When employees are leaving or are disgruntled, it is a prime time to expect sabotage. Intentionally planting malicious software to slow down the organization or intentionally deleting essential files from the server. These are common occurrences and oftentimes only detected by organizations that have the requisite defense against an insider threat, as succinctly detailed by Proofpoint.
Security evaders
Those in too much of a rush to be bothered by the data protection laws, policies, and security protocols that everyone else follows are a sure-fire way for cybercriminals to get in. It is worse than negligence as it is more intentional, but again can be combatted by the thorough training and appreciation of the risk caused by such evasion. Saving a few minutes at log-in could be the end of the company if the wrong person manages to tag along as you evade all the time-consuming security protocols on your way in.
Malicious insiders with third-party partners
Staff and employees that have been co-opted by genuine hackers or fraudsters are now a known means of insider threat. Social media and the dark web have made hacking and e-theft a lucrative crime, and as such, there are always those on the lookout for others to use in their illegal exploits. There needs to be clear education around this issue and a set of well-established and openly communicated consequences for any such malicious and intentional damage to the business.
It may sound more like a John Le Carre novel, than IT security, but the above internal actors are generally responsible for breaches that lead to fraud, sabotage, intellectual property theft, and espionage. Understanding how these insider threats materialize is the first step to combating them. This article has provided some detailed insights as to the specific threats to look out for.