Masked Insider: Threats to Avert!

We hear and read a lot these days about the cybercriminal profile: buttoned up, suit wearing perpetrators!  October, Cyber Security Awareness Month, is the time to look at repercussions of insider threats and who’s behind the mask.

The definition of Insider is one whom the company trusts enough to give access to its assets. Insiders include employees, former employees, contractors, vendors, repair people and custodians. Besides physical and digital access to an organization, these are people who know, in varying degrees, its strategy, future plans, trade secrets, IT systems and network, and organizational strengths and weaknesses. This means that anyone with regular or continual access to your digital network or physical offices is an Insider who could run with the goodies, and should be monitored for signs that flag a disgruntlement needing solved early and peaceably.

Insider threats fall into a few categories which are worthwhile to know and be mindful of, whether working on-site or in-place (as defined by CISA-Cybersecurity & Infrastructure Security Agency):

Unintentional Threats

-Negligent: Imposed as a result of carelessness by persons who are familiar with policies and procedures and choose to ignore them or allow someone to ‘piggyback’ through a secure entry point.

-Accidental: Occurring when one mistakenly or inadvertently mistypes an address or account number; clicks on an infected hyperlink; opens a virus-ridden email attachment; or does not properly dispose of sensitive information.

Intentional Threats

-Malicious: Actions taken to harm an organization for personal benefit or to avenge a personal grievance and (re. digitally) can take the form of information leaking, stealing critical data, or sabotage.

-Collusive: One or more insiders collaborating with an external threat actor who has hired them to compromise an organization, typically by enabling fraud, intellectual property theft, espionage or a combination of all three.

-Third Party: Contractors or Vendors who are not formal staff members but have been granted a level of access to the organization’s facilities and equipment, systems, networks, or people to complete their work.

Their threats are either direct, with individuals acting in a way that compromises the organization; or indirect, when flaws in systems end up exposing resources to unintentional or malicious threat actors.

Whether Insider Threats stem from unintended actions or intentional acts, they are expressed in multiple ways relative to cyber breach, to include theft, espionage, violence, and sabotage of anything related to technology, virtual reality, computers, devices, or the internet. Examples of unintended exposure of an organization’s IT infrastructure, systems, and data that causes harm to the organization are phishing emails, rogue software, and “malvertising” (embedding malicious content into legitimate online advertising). Examples of intentional cyber-threats performed by hostile insiders who use technical means to disrupt or halt business operations are criminal acts of data theft, sale of data or trade secrets to third party bad actors, and using an organization’s known IT vulnerabilities to encourage or execute an attack. It may also entail altering of data or inserting malware that will disrupt systems and networks.

It’s critical to recognize the ways data and operations may be compromised, and hold watch for perpetrators. Knowledge is power to accountably play a part in safeguarding your organization’s proprietary information assets. Be Cyber Aware of who’s behind the mask: Identifying their tricks will take the treat right out of a cyber payday!

Data-Guard 365 is an MSSP firm headquartered in Indianapolis, Indiana, with offices in Chicago, Atlanta, and other strategic locations across the globe. The company is a one-of-a-kind business partner whose people, processes, and technology provide invincible cybersecurity for a price point that pays for itself. 

www.Data-Guard365.com / (317) 967-6767 / info@data-guard365.com