Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

Most Attacks Are External, But Never Underestimate The Insider Threat

Even though most cyber-incidents tend to be external attacks, organizations should not underestimate the likelihood of a malicious insider stealing sensitive information or sabotaging internal systems.

Even though most cyber-incidents tend to be external attacks, organizations should not underestimate the likelihood of a malicious insider stealing sensitive information or sabotaging internal systems.

Earlier this month, US Army MP William Millay was sentenced to 16 years in prison for attempting to sell classified military information to the Russians, according to a story posted on the Federal Bureau of Investigation website this week. Millay wasn’t motivated by any political or moral outrage; he was willing to sell secret defense documents just for the money, the FBI said.

Insider Threats“This case really drives home the point that the insider threat is alive and well,” Special Agent Sam Johnson, the supervisor in charge of the national security squad in Anchorage, Alaska, said in the FBI post.

In 2011, Millay began talking to and soliciting help from other military personnel regarding selling classified defense information to the Russians. Many of the people he talked to didn’t take him seriously, but some realized he was serious, special agent Derrick Criswell sad in the story. “No one came forward to report his activity,” Criswell said.

Millay was arrested and taken in custody after dropping off secret documents about military technology at a pre-arranged drop site and retrieving his $3,000 payment. The Russian officer Millay thought he was selling to was really an FBI undercover operative, according to the FBI. The fact that his activities were never reported illustrates the importance of raising awareness about the insider threat, Johnson said.

“Anyone who looks closely at the record of damages caused by breaches will discover that insiders are not only a leading concern but also a leading problem,” Nick Cavalancia, vice-president of marketing at SpectorSoft, told SecurityWeek.

Even Verizon called out insider breaches as a significant issue in its 2013 Data Breach Investigations Report last week. While up to 92 percent of threats came from outsiders, insider threats accounted for 14 percent of total incidents, according to the latest DBIR. Organizations need to “place special focus on the insider,” Cavalania said.

Since 2005, 441 data breaches that involved a malicious insider led to the compromise of more than 32 million records, according to statistics collected by the Privacy Rights Clearing House.

“Insiders cause major damage,” Cavalancia said.

Another recent survey from AlgoSec also highlighted insider threats as a major security concern among information security and network operations professionals. About 65 percent of the respondents rated insiders as the greatest security risk facing their organizations, according to AlgoSec’s State of Network Security 2013 survey.

“Insider threats are a top concern of cybersecurity teams” and organizations need to understand that risks are just as likely to be inside as outside the organization. Security and risk professionals, as well as leading law enforcement agencies, need to recognize the seriousness of these threats, Cavalania said.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Identity & Access

Strata Identity has raised $26 million in a Series B funding round led by Telstra Ventures, with additional investment from Forgepoint Capital, Innovating Capital,...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...