Insider Threats in the Digital World are Sinister

in #security5 years ago

Two men are being charged with bribing AT&T employees to unlock phones, compromise the corporate networks, distribute malware, and access customer devices. This went on for several years, going back to 2012, according to the Department of Justice documents. In total, over a million dollars was given out as bribes. Employees were approached online and paid secretly by the accused through shell companies and in cash.   

This situation exemplifies the real risk of insider threats. Volumes can be written about how such risks increase over time. Digital environments are even more susceptible to such risks due to the ability of scale, irrelevance of geographic barriers, obfuscation tools, and outdated access architectures which give insiders tremendous control and influence. 

This is a good case that shows how trusted employees can be manipulated (ie. 'handled') and turned into cancerous agents from within which undermine an organizations security, safety, privacy, trust, and revenue opportunities.    

How many of those customers were using their phones for banking, private communications, or stored sensitive data on the devices. Were there online wallets, connectivity to work networks, or access to financial accounts that could then be accessed by such attackers?    

In our digital world, we all rely on technology to communicate, support decisions, and conduct secure transactions. Insiders have much more access than external malicious hackers to the information and to key infrastructures, putting everyone at risk if proper predictive, preventative, detective, and response controls are not in place and managed accordingly.    

Nobody is immune. Insiders can impact any company. In this case it was likely about unlocking phones and therefore AT&T was attacked.    

Now imagine a threat agent making similar maneuvers to steal IP, cause non-compliance to regulations, use corporate assets as part of an attack against 3rd parties, steal financial assets, sell customer data, gain inside knowledge of acquisitions, inject vulnerabilities/malware into products, distribute ransomware, or to bring down the availability of services for an extended period of time.  Such attacks could happen in the financial, healthcare, communications, critical infrastructure, government, or online services sectors with such an impact as to crater even a large organization and victimize millions of people.     

Cybersecurity teams often focus on external threats (the infamous hoodie wearing 'hackers') and ignore an entire facet of risk around insiders.  It is not a pleasant thought, that trusted coworkers, vendors, suppliers, and even executives might be acting in harmful ways.    

Are we ready to discuss this uncomfortable subject yet?    

#news #technology #tech #business
5 years ago in #security by
$0.15
  • Past Payouts $0.15, 0.00 TRX
  • - Author $0.12, 0.00 TRX
  • - Curators $0.03, 0.00 TRX
15 votes
Reply 3
Sort:  
  • Trending
    • [-]
     5 years ago 

    All it takes is one bad apple to ruin the tree

    $0.12
    • Past Payouts $0.12, 0.00 TRX
    • - Author $0.09, 0.00 TRX
    • - Curators $0.03, 0.00 TRX
    4 votes
    Reply
    [-]
     5 years ago 

    Yea it’s hard to swallow that the person sitting next to you is the bad apple. Totally agree

    $0.12
    • Past Payouts $0.12, 0.00 TRX
    • - Author $0.09, 0.00 TRX
    • - Curators $0.03, 0.00 TRX
    2 votes
    Reply
    [-]
     5 years ago 

    Those you trust and provide access/control are always a potential risk. Nobody want to think that the coworker next to you is a bad apple.

    $0.10
    • Past Payouts $0.10, 0.00 TRX
    • - Author $0.09, 0.00 TRX
    • - Curators $0.00, 0.00 TRX
    3 votes
    Reply

    Coin Marketplace

    STEEM 0.32
    TRX 0.12
    JST 0.033
    BTC 64647.16
    ETH 3160.49
    USDT 1.00
    SBD 4.13