Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

Most Attacks Are External, But Never Underestimate The Insider Threat

Even though most cyber-incidents tend to be external attacks, organizations should not underestimate the likelihood of a malicious insider stealing sensitive information or sabotaging internal systems.

Even though most cyber-incidents tend to be external attacks, organizations should not underestimate the likelihood of a malicious insider stealing sensitive information or sabotaging internal systems.

Earlier this month, US Army MP William Millay was sentenced to 16 years in prison for attempting to sell classified military information to the Russians, according to a story posted on the Federal Bureau of Investigation website this week. Millay wasn’t motivated by any political or moral outrage; he was willing to sell secret defense documents just for the money, the FBI said.

Insider Threats“This case really drives home the point that the insider threat is alive and well,” Special Agent Sam Johnson, the supervisor in charge of the national security squad in Anchorage, Alaska, said in the FBI post.

In 2011, Millay began talking to and soliciting help from other military personnel regarding selling classified defense information to the Russians. Many of the people he talked to didn’t take him seriously, but some realized he was serious, special agent Derrick Criswell sad in the story. “No one came forward to report his activity,” Criswell said.

Millay was arrested and taken in custody after dropping off secret documents about military technology at a pre-arranged drop site and retrieving his $3,000 payment. The Russian officer Millay thought he was selling to was really an FBI undercover operative, according to the FBI. The fact that his activities were never reported illustrates the importance of raising awareness about the insider threat, Johnson said.

“Anyone who looks closely at the record of damages caused by breaches will discover that insiders are not only a leading concern but also a leading problem,” Nick Cavalancia, vice-president of marketing at SpectorSoft, told SecurityWeek.

Even Verizon called out insider breaches as a significant issue in its 2013 Data Breach Investigations Report last week. While up to 92 percent of threats came from outsiders, insider threats accounted for 14 percent of total incidents, according to the latest DBIR. Organizations need to “place special focus on the insider,” Cavalania said.

Since 2005, 441 data breaches that involved a malicious insider led to the compromise of more than 32 million records, according to statistics collected by the Privacy Rights Clearing House.

“Insiders cause major damage,” Cavalancia said.

Advertisement. Scroll to continue reading.

Another recent survey from AlgoSec also highlighted insider threats as a major security concern among information security and network operations professionals. About 65 percent of the respondents rated insiders as the greatest security risk facing their organizations, according to AlgoSec’s State of Network Security 2013 survey.

“Insider threats are a top concern of cybersecurity teams” and organizations need to understand that risks are just as likely to be inside as outside the organization. Security and risk professionals, as well as leading law enforcement agencies, need to recognize the seriousness of these threats, Cavalania said.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn's first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.