What is Insider Threat?

July 12, 2019 posted by



inside of threats have been around for a long time and there can be quite costly for enterprises insiders don't always act alone so we talked about insider threat actors they're kind of three kind of categories that we like to discuss the first one is the malicious inside out this is your traditional guidance that inside perhaps stealing data or sabotaging a business from the inside next we have the the negligent or the well-intentioned misguided person abbreviated to wimp and this is a person that is perhaps performing some activities that they think are beneficial to an organization but they're actually increasing the risk or perhaps they haven't been trained or they have no security awareness about what what their actions are consequences and we also have the external even optimized those funds perhaps less world discuss but this is perhaps where and an organization that has privileged level of access within an organization is compromised on the outside and then they actually the attackers are using them to step across and pivot into an organization and use that access of a negligent probably the wimps these are people that are motivated perhaps with good intentions they may be just being a bit lazy just doing something that perhaps breaking security controls just for a quick fix so these are things that I've actually protected as part of our service because we see our people using Dropbox so people just uploading files and it may you know employees want to do work at home sometimes but perhaps they don't necessarily go back that in the correct way and increase the security risk and the externally compromised them again these are people that aren't necessarily they know they don't know that they're being being an insider threat so if somebody's attacked on the outside and actually can then be used to step across an attack the organization from the inside and the motivations around this are generally what we would expect from the traditional external attackers so again political activism sabotage people looking for a competitive advantage or poor financial gain there's some some nice examples of this so I think what he's heard of the big target breach that millions of credit cards being being stolen Stuxnet that's also another famous example where the Iranian nuclear subs he was was targeted and but actually the people with it started that attack brought in the malware on USB sticks and and they weren't aware that they were were providing an insider threat now this Russian flag this is one that we've actually detected for one of our large customers a big mining firm and they had a facility based on Russia and they had a CCTV provider Russian CCTV problem with a trusted level of access more if she saw was the service that were being used for the CCTV were actually then compromised and then actually being used to come come back inside that the organization we were working for you

1 Comment

One Reply to “What is Insider Threat?”

  1. Cyberseer says:

    Interested in more insider threat statistics? View this infographic on the insider threat landscape ==> https://www.cyberseer.net/infographic-insider-threat-landscape/

Leave a Comment

Your email address will not be published. Required fields are marked *