According to the Ponemon Institute’s global study of insider threats, almost one in four internal compromised data incidents in 2020 were caused by criminal and malicious insiders. Given the increased number of employees working remotely due to the global pandemic, business owners must stay alert to avoid potential risks.
“Employee data theft is a difficult attack to defend the organisation against because it comes from the employees you trust by nature, so it always hits unexpectedly,” explains Oliver Noble, a cybersecurity expert at NordLocker, a data encryption solution. “Although you can’t predict them, understanding why and how employee data thefts are carried out might help you prepare better.”
Most internal actors are financially motivated as they try to cash in on the information they steal. Also, an employee might hold a grudge against their employer and steal data out of spite or revenge. Finally, we get to those who embezzle what’s confidential to start a competing business or benefit their future employer. Unknowingly, you may also have hired an inside agent acting on behalf of some external party.
“Whatever their reason might be, malicious insiders are a ticking bomb once given trusted access to the organisation’s resources,“ says Noble. “They know how valuable and critical the information your company handles is and they are on the mission to steal or leak it.”
What ways are used to steal information?
A new report found that 35% of corporate data leaks include photographs or screenshots taken by insiders. In 13% of cases, wrongdoers make physical copies of documents, whereas 30% of leaks occur through instant messengers, e-mail, or social networks.
Moreover, an employee can infect your company’s computers with malware that may sit there undetected for days or even months before starting damaging your systems or leaking information.
“Every solid business has information of value which may be attractive to other parties, like customer databases, client contracts, confidential project schemes etc.,” Noble points out. “To get it, insiders would do anything, even if it takes them long months of studying your systems and observing their colleagues. Thus, every respected organisation should have some data theft prevention in place to eliminate potential risks as much as possible.”
How can you avoid malicious inside jobs?
Even though it is impossible to completely prevent inside jobs as you might not be aware of malicious insiders plotting something, the following measures may help mitigate the risks:
• Establish the Principle of Least Privilege (POLP). It limits who has access to your critical data depending on employees’ roles and functions.
• Implement an intrusion prevention system (IPS). It analyses real-time traffic and packet logging to help you detect and respond to any suspicious network traffic flows.
• Store data backups in an encrypted cloud like NordLocker in case of ransomware. This ensures the data doesn’t get leaked and access to it isn’t lost.
• Get data loss prevention (DLP) software. It detects potential data breaches, information exfiltration and destruction. The solution monitors, detects, and blocks sensitive data while in use, in motion and at rest.
• Install digital signatures to sign every critical action within your organisation’s systems with a secure mark of authenticity so it’s easier to find the culprit if an incident occurs.
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version