Insider Cybersecurity Threats: Stay Vigilant
From ages past, there has always been the calamitous possibility for a colleague to be shockingly revealed as the ‘wolf in sheep’s clothing’, and we can credibly learn from sacred scripture that this will certainly not change even in the present day. So why need be wary of the wolf? Well, the biggest mistake you could ever make is to naively trust somebody who will smilingly watch you sink to the deepest of your downfall. You ought to stay vigilant at all times while scanning through for the likely wolfish cybercriminal.
Many a times, staff contribute to cybersecurity breaches either through personal negligence or deliberate acts of malice in disguise of being undoubtable employees. Among the signs of potential insider security threats are employees accessing sensitive information that is not related to their tasks, multiple requests for access to IT resources not associated with a worker’s job profile, the use of unauthorized devices, and attempts to bypass security mechanisms. Former and disgruntled staff can purposely leak an organisation’s confidential data to inflict damage or sell intellectual property for financial gain at the expense of their employer.
A rogue Tesla employee exposes sensitive data
Not years ago, Tesla Inc. learnt of a disgruntled employee who broke into the company’s manufacturing operating system and sent highly sensitive data to unknown third parties, according to an email the CEO sent staff in June 2018.
The worker, who had been denied a promotion, did quite extensive and damaging sabotage to Tesla’s operations. He inserted bad code into the electric car company’s manufacturing system by making direct code changes under false usernames and illegally exported large amounts of data to third parties. He exploited Tesla’s lacking security posture in regard to privileged access.
Organizations spend a large portion of their security budget on protection against external attacks such as phishing, malware, botnets, and rootkits, but should also have in place procedures to monitor current and former employees who stand a chance cause immense sabotage since they are highly trusted with company assets and the network.
How can you curb mischievous employee-behaviour?
- Assign only the privileges needed to a program, process, or privileged user of a system for the shortest time necessary and in as small a domain as possible.
- Avoid permission creep by not letting long-term employees have permissions that extend to areas outside their normal domain, since it can lead to unauthorized disclosure or alteration of data.
- Set clear terms on when employees should access assets and have the employees specifically accountable for the assets.
- Define proper logging mechanisms and set alarms for unlawful access.
- Limit access to trusted partners, because they too are liable to error.
- Openly talk about implications of data theft and external collusion so that employees may informedly refrain from committing fraud or malice.
- Use proper disposal means of data and assets such as computers, laptops, mobile devices, printers, copiers and fax machines.
Responses