INSIDER THREAT: TO BE OR NOT TO BE?

Updated: Nov 12, 2020


Just when you think you know someone…


Insider Threats come in many forms. Before we examine the differences, let’s consider what the term means. An Insider Threat is a threat that occurs—you guessed it—from inside the company or corporation. But who would do such a thing?


The first type makes up the greatest number of employees—a whopping 63%-- are the Non-Responders. These are the back row, wake-me-when-it’s-over peeps who train with the rest but never quite seem to take to the security regime.


They don’t mean to screw things up for everybody, but they generally don’t care enough not to do it anyway. They will consider briefly, ‘hey, I don’t know,’ and then click the link in an unsolicited email out of curiosity. (Thank you for opening the back door.)


The second type is 'oh-shoot-did-I-do-that' Inadvertent Insiders. These

unintentional insiders try to follow procedures, they really do. They change passwords regularly using strong ones as recommended. They diligently avoid sharing confidential data and do their best to comply with company policy.


However, they do things like send emails from an outside source (home pc, phone, library, etc.) with attachments they wish to share. This invites any bot connections, viruses, malware such as backdoors hidden on one system into the business network the moment the email is opened and shared. Ah, share, and share-alike.


What better way to spread malware or a virus than one attached to that cute video of a cat playing the piano or puppies licking baby feet? Aww…misjudgment also comes from those die-hards trying to get ahead (or catch up, as the case may be) that use thumb drives to take work files home to add that extra special something.


Transfer of files is easy with a thumb drive or dongle, even the ones you didn’t intend to bring back to the office. What, you say? Yeah, just plugging that tiny, magnificent hardware into another PC attracts certain harmful files like gnats to an open wound.


This Insider is responsible for two-thirds of breached records in 2017 according to an X-Force report from IBM. To top it off, 8.5 billion records were breached in 2019. Yeah, you may think you’re doing it right, but next time follow directions.


Then, we have the sneaky creepezoids that not only know what they are doing but know the bad boys on the outside. The Insider Collusion. It’s not as popular as the first two, because let’s admit it, you have to know what you are doing, what files are profitable, and how to get at them. The outsider knows what he wants, and the insider makes it available.


This is a professional dressed like a co-worker, and probably the side-geek that helps you fix whatever you broke without calling for help from IT. These criminals are into fraud and intellectual theft and usually get in and out quickly.


Don’t leave your desk without locking the screen around this one! Attacking the system and leaving you to get caught is easy picking if you leave your PC available. This one is on you.


Have you ever met a gambling addict that was satisfied? Probably not. I’m talking about the kind that has enough money but keeps going back for more. This would be the Persistent Insider.


This attacker is out for financial gain, stealing, and selling whatever the market

demands. Personal data? Got it. Sensitive data? No problem. Next brilliant product? Sure, it’s for sale too.


It may take a little longer to extract, after all, this is just his side hustle. He is

meticulous to keep things to appear as normal taking smaller amounts

of data to avoid suspicion. Slow and steady is this attacker's preference. Besides, he must keep his day job.


Lastly, we have the one that everyone knows, the Disgruntled Employee.

Convenience store workers commit 83% of the theft that occurs in the stores and some say it is due to the hard work for low wages. It is just the overall mentality of some workers in that field. Any business can have disgruntled employees for various reasons.


The Disgruntled Employee with access to intellectual data may commit theft or sabotage. Getting angry and taking files you created is still theft. You worked long and hard on a project to prove your worth. You make the proposal and deliver the presentation.


You are ready for your accolades only to have everything handed over to some pompous suck-up. There is no way you will let that do-nothing butt-kisser take credit for your work. Again.


So, you remove all the files and transfer them to a thumb drive or disk. You take all your notes and even a pen or two with you as you storm out. Like it or not, that is intellectual theft. It is in the fine print of your hiring contract. You know the part about anything you create while working for the company becomes the property of said company, and so on.


And if this isn’t the case, there is always the employee that is planning his departure that steals data before or during that two-week notice of intent to leave the company. This is the get-while-the-getting-is-good response.


So, what does this cost? Join us next time where we dive into the costs to business, stocks, shareholders, insurance, and employees.

33 views0 comments