The Dangers of Insider Threats

When data breaches, data loss, and other cybersecurity concerns are the topic of discussion, outside threats tend to dominate. However, insider threats have recently come to the forefront as the greatest risk to businesses today. In a recent Veriato Insider Threat Spotlight Report, it was discovered that 62% of over 260,000 security professionals have seen an increase in insider threats in the last 12 months while 12% are unsure.

The report also documented that:

• 38% of the respondents say that the cost of remediation is estimated to be around $500,000
• 6% say $500,000 - $1 million
• 6% say costs exceed $1 million

With an average of 3.8 insider attacks per year, accumulated costs can run into the millions of dollars.

An insider threat is generally defined as a current or former employee, contractor, or other business partner who has or had authorized access to an organization network, system, or data and intentionally misused that access to negatively affect the confidentiality, integrity, or availability of the organization information or information systems.[1]. There are two types of insider threats, the negligent insider and the malicious insider. The negligent insider accidentally compromises data while the malicious insider willfully sets out to cause harm to the organization.

Malicious insider threats can be categorized by their motives. The main motives are but not limited to personal use, financial gain, and sabotage. An example of one such motive is the case of Mr. Timothy A. Lloyd:

“A man was sentenced to 41 months in prison for using a computer virus that wiped out millions of dollars worth of software at his former employer. The man, Timothy A. Lloyd, 39, of Wilmington, Del., was ordered to surrender on May 1 to begin serving his sentence. Mr. Lloyd was charged with activating a virus three weeks after his dismissal by Omega Engineering on July 10, 1996. Omega, a New Jersey maker of measuring devices, spent $2 million to recreate the computerized manufacturing programs and lost an estimated $10 million in anticipated sales, said V. Grady O'Malley, an assistant United States attorney. Mr. Lloyd's lawyer said the company's losses were far smaller and a result of poor management.”[2]

There are also more and more recent high-profile cases of insider threats such as the case of Anthony Levandowski, Alphabet (Google's parent company) and Uber[3]. The costs of these cases can easily surpass the costs of outside threats.

Wilson Consulting Group (WCG) is proficient at identifying and mitigating complex risks associated with insider threats. An insider threat's presence within an organization or interaction with company-owned IT assets will not raise alarms. This was confirmed by 62% of respondents of the Veriato Insider Threat Spotlight Report that insider attacks are more difficult to detect than external, while the remaining 38% of security professionals are finding that they cannot detect the presence of an insider threat.

Wilson Consulting Group provides services that will aid organizations to detect and prevent these threats. Our Vulnerability Assessment, Penetration Testing, and Cyber Intelligence and Analytics services provide protection against insider threats and perform fraud detection.

Our Vulnerability Assessment and Penetration Testing services:

• Assesses internal and external security threats against host, system, device, network, procedure or person
• Uses real-world attack patterns to verify system, device, network, procedure or person resilience
• Simulate hacks in a highly-controlled environment with minimal disruptions to business processes
• Provides clear and concise security recommendations
• Identifies weaknesses and security issues
• Assesses the resilience of networks and devices
• Provides detailed reports with recommendations

Our Cyber Intelligence and Analytics service:

• Stops the bad guys
• Saves time and resources
• Provides excellent customer support
• Has great reviews from our customers
• Uses enterprise security intelligence
• Implements incident response and threat management
• Provides privileged user monitoring
• Meets compliance requirements

Please contact us here for more information on how to mitigate the risks of insider threats and to determine which service or services are right for your business.

Your Security ... Our Priority

[1] https://www.cert.org/insider-threat/

[2] http://www.nytimes.com/2002/02/27/nyregion/metro-briefing-new-jersey-newark-prison-sentence-in-computer-case.html

[3] https://www.bloomberg.com/news/articles/2017-02-23/alphabet-s-waymo-sues-uber-for-stealing-self-driving-patents