The Insider Threat

The Information Parasite.

A Parasite lives on its host and derives nutrients such as sensitive data, company critical information, intellectual property and other vital assets at the expense of its target.

The average parasite is around an inch in length, possibly even smaller, you wouldn’t even notice if you had one lurking somewhere on your person, would you? The fact is however, that information parasites look no different to you or I and there is probably one in your building as we speak.

The biggest difference between insider and external threats is that while businesses are often capable of dealing with the latter, they are generally found wanting when it comes to identifying suspicious employee behaviour.

Insider fraud was up 43 percent in 2012 and the costs of these breaches can be overwhelming. According to the Verizon 2013 Data Breach Investigations Report, espionage attacks are no longer limited to government agencies. They now include IT companies as well as manufacturing and private limited Companies. The majority of these attacks are targeting trade secrets, intellectual property and trade resources with a goal of furthering the parasites economic interests.

A poll of 300 decision makers conducted by Clearswift revealed that 83 percent of respondents experienced a data security incident in the past year, these results are staggering and strikingly 58 percent of these believed an insider was the perpetrator.

So, how do they do it? Advanced parasites could leave behind keystroke scanning malware which could furtively steal information. These types of threats also enable attackers to steal the credentials of trusted and privileged employees, which in the worst case scenario could lead to your entire network being shut down. You must also consider social engineering and shoulder surfing, trusted employees are not always aware of who is lurking in the office attempting to steal their valuable log in details.

An advanced attack can go unnoticed for up to 243 days – Mandiant 2013 Threat Report.

The best method of effectively preventing the insider threat is to encrypt data storage and ensure that you set up necessary rules which determine who can access valuable data, guarantee that each log in and every access attempt is captured and monitored. As for shoulder surfing, employees must be educated on the dangers of the insider threat and the ways in which information can be misused if it gets in to the wrong hands. Information Security training is vital for every user, in order to keep your organisation secure.

Please follow and like us: