Last week’s news was all about the insider threat. The Register highlighted how employee negligence is increasing risk in the public and private sectors. Several publications covered the employee-caused data breach at Westpac bank in Australia. SC Magazine rang in with a piece about how a ransomware attack drove a company out of business. The US Department of Justice (DOJ) issued a press release about the sentencing of four individuals found guilty of stealing confidential government information to engage in illegal insider trading. Read all of that out loud and you will run out of breath.
First, El Reg. In Security procedures are good — follow them and you get to keep your job, David Gordon highlights how negligent employees are ignoring basic security procedures to put their organizations at risk. To support the assertion of how wide spread negligence has become, Gordon cites findings from the Dtex 2018 Insider Threat Intelligence Report and our 2018 YouGov report, Uncovering the Gaps, Security Perceptions and Behaviors of Today’s Government Employees. Wrote Gordon:
For updating antivirus software, 85 per cent identified it as important, but only 37 per cent had done so; 69 per cent acknowledged dual-factor authentication but only 30 per cent used it; and 71 per cent said they knew they should change their work login credentials but only 42 per cent had done.
As well as not practicing simple security hygiene, negligent behaviours highlighted include putting sensitive data on file-sharing sites, over-use of unencrypted USBs to transfer files, alongside a growing number of instances of people misusing their security privileges and a growth in the use of high-risk applications.
Now, Down Under. At InfoSecurity Magazine, Kacy Zurkus reported on the incident at Westpac, one of Australia’s largest banks. It seems that a malicious insider helped himself to as many as 80 customer passwords. After accessing them, he shared them with a mortgage broker. You can read the story in full at: Broker Received Password from Westpac Employee
Gone (because of) phishing? Most of us are all well aware of the major financial damages that ransomware attacks cause every year. Seldom do we read reports about one actually driving a company out of business. It seems that was the case in Colorado.
SC Magazine’s Doug Olenick reported that printing company Colorado Timberline shut its doors on Sept. 12 due to a spate of attacks. It appears that a recent ransomware incident was just too much to endure. Varying news reports don’t specify how the ransomware made its way into the company’s systems. It is commonly spread through email phishing attacks, which target one of the most dangerous forms of insider threat — vulnerable insiders. What makes this situation even more compelling to consider, it shows how cyberattacks impact humans. The company’s LinkedIn account indicates that it had employed 55.
The DOJ last week announced yet another case of insider data theft. This time, four defendants were convicted of stealing confidential information from Medicare and Medicaid Services (CMS) to engage in insider trading. The crime quartet profited to the tune of more than $7 million before being caught.
All of these stories highlight how extremely difficult it is to defend against insider threats, whether they be malicious or negligent in nature. Fortunately, the risk that insider threats present can be minimized. You’ll continue to see us write about the solution over and over again — visibility. Without an understanding of what’s taking place in networks, there is simply no way of knowing what type of crimes are taking place or how and where risk is being created. Read more about how Dtex customers rely on platform to gain an overview of activities taking place on and off their networks.