The Most Common Ways You Could Get Tricked into Compromising Company Data
- by 7wData
While major breaches where millions of records are compromised tend to dominate the news, a much more dangerous and insidious threat goes largely unnoticed — that of the insider. An “accidental insider” is a well-meaning employee who is tricked by adversaries or competitors into revealing passwords or unintentionally installing malicious code onto organizational networks. The first most common way that employees get tricked is via phishing e-mails that seem like legitimate e-mails from colleagues. The second is the Trojan — a hidden bit of malicious code in an email attachment or link. And the third most common way hackers gain access is via employees’ personal devices. While these aren’t the only ways that adversaries can trick insiders into doing their bidding, they are the most likely to compromise your company. Leaders need to remember that adversaries are persistent and patient. They are willing to work hard, do their research, and target vulnerable employees and high-level executives alike. Understanding their methods and instilling vigilance in all employees is the best way to prevent an accidental insider from hurting your company.
While major breaches where millions of records are compromised tend to dominate the news, a much more dangerous and insidious threat goes largely unnoticed — that of the insider. An “accidental insider” is a well-meaning employee who is tricked by adversaries or competitors into revealing passwords or unintentionally installing malicious code onto organizational networks. Alternately, a malicious insider steals data for personal or financial gain with intent to harm the employer.
How prevalent is the insider threat problem? According to a study performed by Accenture and HFS Research, “2 out of 3 respondents reported experiencing data theft or corruption from within their organizations.” A study by the Ponemon Institute reveals that 62 percent of end users say they have access to company data they probably shouldn’t see.
This means that most employees have access to data they could unwittingly reveal if they’re duped by a clever adversary. Yet, there are some relatively easy ways to protect the organization from the tricks commonly used by the outsider to compromise the insider:
As an email travels from a client through a server to a recipient, there are potential network vulnerabilities all along its path. In fact, when you receive an email, the source address listed has little to do with who the message actually came from. That information can easily be spoofed, and your mail server does nothing to authenticate the origin of the email. Even though an email might look like it came from a trusted source, today’s adversaries are sophisticated social engineers and can easily fool anyone.
While many organizations employ spam filtering software, and we all know not to open emails from mysterious Nigerian generals, what if an email appears to come from a colleague or supervisor? This scenario was recently illustrated when a UK hacker fooled White House officials into revealing personal information.
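The visible source address of an email is unauthenticated text, but it can be compared against other headers in the same message. The following is an added example, not part of the original article: it parses a constructed message with Python's standard `email` module and flags a Return-Path or Reply-To whose domain differs from the From address. All addresses and the function names are made up for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample (not a real message): the From line shows a colleague,
# while the bounce address and the reply address point somewhere else.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
From: "Jane Doe (CFO)" <jane.doe@example.com>
Reply-To: jane.doe@example-payments.test
To: sam@example.com
Subject: Urgent: updated wire details

Please send the updated details today.
"""


def domain(addr):
    """Return the lower-cased domain of an address, or '' if there is none."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def header_mismatches(raw):
    """Return (from_domain, findings) for one raw RFC 5322 message.

    Each finding is (label, other_domain) for a header whose domain
    disagrees with the domain shown to the reader in From.
    """
    msg = message_from_string(raw)
    _, from_addr = parseaddr(msg.get("From", ""))
    from_dom = domain(from_addr)
    findings = []

    # Return-Path records the envelope sender used for delivery and bounces.
    _, bounce = parseaddr(msg.get("Return-Path", ""))
    if bounce and domain(bounce) != from_dom:
        findings.append(("return-path-mismatch", domain(bounce)))

    # Reply-To decides where the recipient's answer actually goes.
    for _, reply in getaddresses(msg.get_all("Reply-To", [])):
        if reply and domain(reply) != from_dom:
            findings.append(("reply-to-mismatch", domain(reply)))

    return from_dom, findings


if __name__ == "__main__":
    print(header_mismatches(SAMPLE))
```

A mismatch is a triage signal rather than proof of spoofing, since bulk-mail services legitimately send with their own bounce domain.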