One of my previous blogs dealt to a certain degree with the issue of Insider Threats. What this simply means is that a Cyber attack occurs from within the lines of defense at the place of business or corporation, thus its name. As I eluded to, these types of attacks are much more difficult to gauge and predict than those of outside Cyber threats (this is where the attack occurs from outside the lines of defense of the organization). Why are these threats so difficult to capture?
Well, truth be told, anybody from the inside could be involved in launching a covert attack. It could be a contractor that you just hired who has passed all the background checks that are possible; or it could even be your happiest employee who has been with your firm for the longest time.
The bottom line is that anybody who has access to inside your business is a potential threat – because anything and everything could be destroyed in just a matter of a few minutes.
Remember, you can have everybody that is affiliated with your business go through all the security scrutinization you want. They can all pass with flying colors, but there could always be a “rotten egg” who is planning to launch an attack, or just steal confidential information and data. What makes this even worse is that these types of attacks are even that much more difficult to predict.
At least with the outside threats, baseline profiles can be established of the existing threat vectors to try to predict as to what future Cyber attacks will look like. But not with the case of Insider Threats.
In fact, Insider Threats are growing at an ever alarming rate, as it is indicated by a recent study conducted by the Ponemon Institute. Here are some cold, hard truths that it revealed:
*More that 700 IT professionals participated in this survey, and they all agree that the threat is rising on a yearly basis.
*The financial cost to a business or corporation of an Insider Attack is on average $8.76 million, and it takes on average at least two months or even longer to contain the damage which has resulted.
*Employee/contractor threats have risen by 26%, and Cyber attacks have increased by 56%. The theft of corporate information and data has increased by a whopping 170%.
*Quite surprisingly, employee/contractor/third party vendor negligence accounted for 77% of all insider based attacks, while criminal/malicious based attacks accounted for 23% of overall attacks.
*The theft of corporate information/data and login credentials (such as usernames and passwords) accounted for total financial damage of $648,846 per event.
*Organizations with employee size of greater than 75,000 spent an average of $20 million to resolve insider-related attacks; while smaller organizations with less than 500 employees spent an average of $1.8 million trying to solve these types of attacks.
*The average costs of Insider Attacks for companies in the financial services, energy and utilities and retail industries were $12.05 million, $10.23 million and $8.86 million, respectively.
*Businesses and corporations in North America had the financial cost to contain Insider Attacks at $11.01 million. Organizations in the Asia-Pacific and European and Middle Eastern countries experienced financial costs to mitigate Insider Attacks were $5.88 and $7.04 million, respectively.
*As previously mentioned, it took at least two months or more to contain the damage from an Insider Attack, but only 16% of these were contained within a 30 day timespan.
These are truly alarming stats, and only underscore how difficult it really is pin down when an Insider Attack is going to occur. No amount of firewalls, network intrusion devices, routers, antivirus/antimalware/antispyware software, or security training an mitigate these risks. As a business owner, at the most you can do is just trust your gut: If something doesn’t feel right, then it probably isn’t.
The moment you suspect an Insider Attach my be brewing, contact law enforcement agencies (especially the FBI) to help you investigate this further. After all, they have the right tools and trained manpower to help you out. Also, maintain a confidential phone number that your employees can call in order to report any kind or type of odd or unusual behavior.