In today’s increasingly digitized, cloud-based world, insider threat is a REALLY, REALLY big problem. And it’s only getting worse. A recent report from Vormetric found 89% of the senior business managers and IT professionals surveyed felt their organizations were more at risk from insider threat than ever before. It also found that the most dangerous insiders are those who have privileged access, followed closely by contractors and business partners. As it turns out, you don’t have to set out to inflict damage on the organization. Beyond deliberate threats to your organization’s core assets, an insider threat, by definition, also covers the inadvertent actions of careless employees.
At the risk of sounding like a slightly dark Dilbert cartoon, your employees are likely making mistakes on the network that have consequences beyond the typical harmless PEBCAK issue or ID-10T error. This goes beyond your run-of-the-mill enterprise paranoia around the mobile and cloud-based productivity tools your employees increasingly use on a daily basis.
Following an inadvertent move from a Cottage Health System’s employee, a disabled security server led to the exposure of tens of thousands of patient files for about two months to anyone searching the internet. The accidental exposure led to a claim for coverage that their insurer refused to cover, since Cottage failed to follow even the minimum required security standards. In the lead up to announcing a run at the White House, Florida Governor Jeb Bush and his team built a website where they could publish thousands of his gubernatorial emails. Admiration for this spirit of transparency was short lived, though, when it was discovered that all were published along with the email address of the sendee, and many contained sensitive information like social security numbers. Oops.
Then again, some instances of user behavior are more sinister or bizarre:
A trusted contract programmer who had been working with a software company for 30 years inserted one line of code into the software that would tell it to shut down after a random number of power cycles and not come back up. Customers would then call him to save the day, thus fuelling his side business and giving him extra income. An employee of a foreign government agency — who was apparently also stuck in a failing marriage — used his privileged access to put his wife on a no-fly list. Her appeals were ignored for three years until the husband was up for a promotion and his superiors found out his wife was a supposed terrorist during a routine background check, saw her appeals and discovered the plot.While locked in labor negotiations with union employees, a large U.S. city suffered mysterious issues at four major intersections, where traffic lights would randomly blink from color to color. It was later discovered that two union employees who helped to build and design the traffic control system for the city had managed to gain control of the system through a supervisor on the project who had previously shared his credentials.
Much like us, we are sure you’re shocked, amused, and even threatened by stories about employee missteps. But one thing’s for sure, we can all learn important lesson from them. That’s why we’ve launched a Twitter forum called @ShitInsidersDo to highlight some of the most interesting — and horrifying — examples of insider threat in the world today. Whether you’ve been burned by a trusted user who tried to sell plans for a new product to the competition, or Steve from Accounting’s delinquent nephew who jacked his login to the payroll system, we hope you’ll share some of your horror stories with us using #ShitInsidersDo.
You should certainly hire employees you can trust, but trust can be violated intentionally or unintentionally. Having visibility into employees network behavior is critical to organizational security.
Need some help? Contact us to learn more about how we can help you gain DTEX can provide the visibility you need to trust but verify.