
4 Different Types of Attacks – Understanding the “Insider Threat”


The revelations that last month’s Sony hack was likely caused by a disgruntled former employee have put a renewed spotlight on the insider threat.

The insider threat first received attention after Edward Snowden began to release all sorts of confidential information regarding national security. While many called him a hero, what was too often under-reported was the way Snowden gathered his information – by misusing his credentials. In fact, the 2014 Verizon Data Breach Investigations Report stated that privilege abuse was the most common type of insider threat by far.

Insider threats can pose a real security risk to companies. They can be caused by someone who is purposely malicious, as Sony discovered, or by something as simple as someone opening an attachment loaded with malware that gives outsiders the opportunity to steal information.


“It is important to understand that there are several different categories of insider threat actors, and each of them represents significant challenges to organizations,” said a security researcher at DoTerra.

They are:

  1. Compromised actors: Insiders with access credentials or computing devices that have been compromised by an outside threat actor. These insiders are more challenging to address since the real attack is coming from outside, posing a much lower risk of being identified.
  2. Negligent actors: Insiders who expose data accidentally — such as an employee who accesses company data through public WiFi without the knowledge that it’s unsecured. A large number of data breach incidents result from employee negligence towards security measures, policies and practices.
  3. Malicious insiders: Insiders who steal data or destroy company networks intentionally – such as a former employee who injects malware in corporate computers on his last day at work.
  4. Tech savvy actors: Insiders who react to challenges. They use their knowledge of weaknesses and vulnerabilities to breach clearance and access sensitive information. Tech savvy actors can pose some of the most dangerous insider threats, and are likely to sell confidential information to external parties or black market bidders.

Data theft by insiders is as much the result of companies failing to implement strategies and technologies to monitor employee behavior and govern access to data as it is the actual malicious behavior of an employee seeking financial gain or revenge, Jason Hart, VP, Cloud Solutions, at SafeNet, pointed out.

“The enemy within has been a threat to data security for decades and is nothing new,” said Hart. “However, the frequency and impact of insider security incidents have increased because the notion of a ‘security perimeter’ has completely disappeared. Companies have embraced distributed, mobile models for their workforces based on the consumerization of IT and the increased use of shared resources.”

This is especially true with BYOD, cloud services or consumer hosting. “These practices have reduced the effectiveness of traditional security, which has focused on securing the perimeter, endpoints within the enterprise, and corporate networks.”

To defend against the insider threat, IT departments will need to take a different approach to security. According to Asaf Cidon, CEO of Sookasa, it is time to stop thinking about securing the network or the perimeter and begin focusing on securing the data.

“The worst-case scenario often isn’t a hacker breaching internal systems, despite all the attention that massive hacks like Sony get. It’s an employee that loses his smartphone or has his laptop stolen,” Cidon said. “The best defense lies in securing the data—not just the devices. That means encrypting at the file-level, so confidential information is protected no matter where it ends up. IT administrators need tools that enable proactive security. By being able to track, audit, and control—even employees’ personal devices, security is dramatically enhanced. And by being able to change permission settings in real-time, IT admins can address threats underway, from lost or stolen devices or malicious insiders.”

The key is understanding what data needs to be classified as critical, where that data resides and flows, and conducting a risk assessment based on confidentiality, integrity, accountability and auditability, Hart added. “There is no single technology that can provide the silver bullet to stop insider threats. Companies need to adopt technologies such as identity and access management and authentication to set policies that govern who can access what and when. This needs to be coupled with monitoring technologies that provide alerts when data is being accessed from a device or individual outside the normal patterns of activity.”
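The pairing described above, an access policy plus alerts on access outside normal patterns, can be sketched as follows. This is an added example, not code from the article or from any vendor it quotes; the users, device names, classifications and audit records are constructed, and the one-hour tolerance is an assumption.

```python
from collections import defaultdict
from datetime import datetime

# Constructed policy: which data classifications each user is cleared for.
POLICY = {"alice": {"public", "internal", "critical"},
          "bob": {"public", "internal"}}

# Constructed audit records: (timestamp, user, device, data classification).
HISTORY = [("2014-12-01T09:12:00", "alice", "LAPTOP-A1", "critical"),
           ("2014-12-01T14:40:00", "alice", "LAPTOP-A1", "internal"),
           ("2014-12-02T10:05:00", "alice", "LAPTOP-A1", "critical"),
           ("2014-12-01T08:55:00", "bob", "LAPTOP-B7", "internal"),
           ("2014-12-02T16:20:00", "bob", "LAPTOP-B7", "public")]
NEW = [("2014-12-03T11:00:00", "alice", "LAPTOP-A1", "critical"),
       ("2014-12-03T02:30:00", "alice", "PHONE-X9", "critical"),
       ("2014-12-03T09:10:00", "bob", "LAPTOP-B7", "critical")]

def build_baseline(events):
    """Learn each user's usual devices and access hours from past records."""
    devices, hours = defaultdict(set), defaultdict(set)
    for ts, user, device, _ in events:
        devices[user].add(device)
        hours[user].add(datetime.fromisoformat(ts).hour)
    return devices, hours

def hour_gap(a, b):
    """Distance between two hours on a 24-hour clock (23 and 1 are 2 apart)."""
    d = abs(a - b)
    return min(d, 24 - d)

def evaluate(event, devices, hours, policy=POLICY):
    """Return the reasons an access should raise an alert (empty if normal)."""
    ts, user, device, label = event
    reasons = []
    if label not in policy.get(user, set()):
        reasons.append("not cleared for " + label)
    if device not in devices.get(user, set()):
        reasons.append("unfamiliar device")
    hour = datetime.fromisoformat(ts).hour
    # A user with no history has no usual hours, so this check also fires.
    if all(hour_gap(hour, k) > 1 for k in hours.get(user, set())):
        reasons.append("outside usual hours")
    return reasons

def triage(history, new_events):
    """Baseline on history, then return only the new events that need review."""
    devices, hours = build_baseline(history)
    checked = ((ev, evaluate(ev, devices, hours)) for ev in new_events)
    return [(ev, reasons) for ev, reasons in checked if reasons]

if __name__ == "__main__":
    for ev, reasons in triage(HISTORY, NEW):
        print(ev, "->", "; ".join(reasons))
```

The second constructed event looks the same whether the account holder is travelling or the credentials have been stolen, which is why the alert carries its reasons for an analyst rather than blocking outright.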

The sooner companies stop thinking breach prevention and start thinking breach acceptance, the sooner they will be better prepared to minimize the impact of data breaches whether they are from insiders or hackers.

By Jeremy Page
