Insiders Are Cyber Criminals Favourite Connection

Uploaded on 2019-12-18 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Resilience

Employees pose a formidable threat to cyber incident response teams and as insider threats they are an ongoing top danger for companies. Many companies fail to consider that their people are just as important as the software they use when it comes to protecting themselves against cyber threats. 
 
There is an assumption that employees, particularly new starters, have a basic knowledge of IT and IT security, but these skills are not being checked within the first month of employment. Trying to reduce this risk is really difficult to mitigatie and incident-response teams face a range of challenges.
 
Discussions with various incident-response teams has revealed that between 25 to 30 percent of data breaches often involve an external hacker working with an internal employee to crack the organisation’s IT system. There are various methods of detection when it comes to insider threats, including monitoring the log data of employees, and tracking if they download substantial amounts of data to external drives. 
 
Any attempts to bypass security controls or access confidential data that is irrelevant to an employee’s role should be tracked and monitoring employees who access data outside of normal working hours. ​Additionaly, emailing sensitive data to a personal account and excessive uses of printers and scanners are other indicators of insider threats.
 
There are emerging challenges when it comes to monitoring employees without violating privacy laws. With the increase of bring your own device (BYOD) policies, many companies walk a fine line in monitoring employees for insider threats, and balancing that surveillance with employee data privacy. As an example, the General Data Protection Regulation (GDPR) does not explicitly change rules on employee monitoring, but the privacy law does include a number of provisions which will make monitoring more difficult for companies. Under GDPR, employers must seek out valid consent from employees when they monitor their devices.
 
Complying with GDPR mean that the organisation must tell employees that they are being monitored and so potential criminal assistants will know how to avoid being watched.
 
This mean that companies must navigate intentional malicious threats, for instance, a disgruntled employee who wants to destroy or steal data from his employer. They must watch for insiders who are stealing data for the benefit of outsiders, versus unintentional threats, such as a careless worker who may misappropriate resources, mishandle data, open phishing emails or install unauthorised applications.
 
While both types of employees are detrimental to companies, different types of mitigation efforts are needed for each one. For instance, human resource-related efforts are a top priority when rooting out rogue employees, including background checks, non-disclosure agreements and more, while training can help stomp out “unintentionally” malicious employees.
 
How Are Employees Targeted By Hackers?
There are a number of low-tech methods that are adopted by hackers that specifically target employees, some of which may seem too simple to be believed. Methods include: 
  • Social engineering - hackers posing as people within an organisation to obtain access to the network, for example, presenting themselves as a member of IT security and asking for a network password.
  • Baiting - hackers use data captured about an employee to trick them into revealing information. An example is using the information listed publicly on LinkedIn to target a junior employee by posing as the CEO to request an action to be carried out.
  • Unsubscribe buttons - hackers coax employees into downloading malware by hiding links to malware sites in email unsubscribe buttons, which must be included on all marketing emails.
  • Keylogger - also known as keyboard capturing, this technique records and stores strokes of a keyboard and can often pick up personal email IDs, passwords and other sensitive data.
  • Internal threats - current or former employees can gain unauthorised access to confidential data, or infiltrate a business’s network with malicious intent. This can include infecting machines with keylogging software or ‘shoulder surfing’, the act of observing someone typing their password. 
As many as 65% of UK professionals did not receive mandatory IT training in their first month of employment in their current or most recent role.
 
Of these individuals, 74% had never received any IT training at all in their current or more recent role, despite 86% of all respondents saying that they worked on a computer every day. In addition, there is a consensus that employers do not value the ongoing development of employees’ IT skills, as 45% of respondents said that they felt their employer didn’t take this issue seriously. Only 11% said they felt that their managers take the matter of their wider IT knowledge “very seriously”.
 
What Should Businesses Do To Improve Cyber Security Amongst Employees?
An effective cyber security strategy must involve appropriate controls to maintain a base level of security, and a monitoring system to look for attempts to violate the policy. This should be underpinned by training for all employees. It is in the best interest of all businesses to ensure their workers have all the knowledge, awareness and skills they need to help protect an organisation against cyberattacks and data breaches.
 
Each and every person in the workforce, from the minute they are employed, should receive IT training to help them understand data management, protection and disposal best practice. The threat of cyberattacks should never be underestimated, and it is up to employers to ensure that their staff have the tools they need to ensure company data is protected at all times.
 
Most of the threats related to unaware or careless employees, including spam, phishing and ransomware, can be addressed with endpoint security solutions. There are tailored products that can cover particular needs of SMB and Enterprise-level companies in terms of functionality, pre-configured protection or advanced security settings.
 
Overall, while there is evidently much more work to do before businesses are secure from the actions of their own employees, it is nevertheless refreshing to see that many businesses are recognising this, and starting to address the threat from within, with additional training, solutions and human resources.
 
Cyber Employee Training and cyber Audit Strategy Information:-
 
Please Contact Cyber Security Intelligence if you would like more information for Employee Cyber Training and Data/Information Audits and Strategy.  
 
Kaspersky:          Threatpost:              PrivSec:
 
You Might Also Read:
 
Creating A Cyber Incident Response Policy:
 
One in Four Workers Would Steal Company Information:
 
 
 
 
« Ransom Attack Strikes New Orleans
The Biggest Cyber Attack Of 2020 Has ‘Already Happened’ »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Frazer-Nash Consultancy

Frazer-Nash Consultancy

Frazer-Nash is a leading engineering, systems and technology company. Areas of expertise include information security and cyber security.

Atlantic Council

Atlantic Council

The Atlantic Council's Cyber Statecraft Initiative focuses on international cooperation, competition, and conflict in cyberspace.

Dubex

Dubex

Dubex is Denmark's leading business-oriented IT security specialist.

Wind River

Wind River

Wind River delivers the technology and expertise that enables the deployment of safe, secure, and reliable intelligent connected systems.

CSL Group

CSL Group

CSL solutions provide complete end-to-end connectivity services for Security, Fire, Telecare and other mission critical M2M/IoT applications.

Office of the National Security Council (UVNS) - Croatia

Office of the National Security Council (UVNS) - Croatia

UVNS coordinates, harmonizes the adoption and controls the implementation of information security measures and standards in the Republic of Croatia.

Corrata

Corrata

Corrata is an award-winning provider of mobile security and data control solutions for enterprises.

Austrian Institute of Technology (AIT)

Austrian Institute of Technology (AIT)

AIT is Austria's largest research and technology organisation and a specialist in the key infrastructure issues of the future including data science and cybersecurity.

BLUECYFORCE

BLUECYFORCE

BLUECYFORCE is the leading professional training and cyber defense training organization in France.

Secure Technology Integration Group (STIGroup)

Secure Technology Integration Group (STIGroup)

Secure Technology Integration Group, Ltd. (STIGroup) is an innovative firm that provides CyberSecurity consulting, secure IT engineering, managed security services, and human capital solutions.

Fasken

Fasken

Fasken is one of the largest business law firms in Canada and a recognized leader in privacy and cybersecurity law.

LastPass

LastPass

LastPass provides award-winning password and identity management solutions that are convenient, effortless, and easy to manage.

ZEUSS

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.

Cyber & Data Protection

Cyber & Data Protection

Cyber & Data Protection Limited supports Charities, Educational Trusts and Private Schools, Hospitality and Legal organisations by keeping their data secure and usable.

Zally

Zally

Using advanced behavioural biometrics and AI, Zally is the world's answer to next-generation security.

Safe Data Storage

Safe Data Storage

Safe Data Storage offer a fully managed, professional, secure UK-based online backup service to businesses, education and charities.