An insider threat is a type of malicious activity against an organization that comes from users having authorized access to the network, databases, or applications of the organization. These users can be current employees, former employees, or third parties like partners, contractors, temporary workers, etc. This type of threats also includes users who unintentionally cause harm to the business.
Understanding insider threats is highly important because the frequency of insider threats has increased. As per “2020 Cost of Insider Threats: Global Report”, 60% of organizations had more than 30 insider-related threats per year and number of insider threats has increased by 47% in two years.
Types Of Insider Threats:
Malicious Insider: This type of threat includes an employee or partner who purposely tries to steal information or disrupt operations.
Negligent Insider: This is an employee who puts the organization security at risk by not following proper IT procedures. For example –
- An employee who left his computer logged in and unattended.
- An administrator who did not change a default password.
- An IT professional who did not install a security patch.
Compromised Insider: An example of a compromised insider is an employee whose computer has been infected with malware via a phishing scam or compromised downloads. The compromised machine is used by cyber criminals for stealing data, infecting other systems, etc.
How Are Employees Compromised?
Different means that can be used to compromise an insider are:
- Phishing – The target employee is contacted via email or text to bait the individual into providing sensitive information.
- Malware Infection – The machine is infected with malicious software to infiltrate the system and steal sensitive information or user credentials.
- Credential Theft – Cyber criminals adopt techniques such as phishing, malware, bogus calls, and social engineering to trick users into providing username and password.
- Pass-the-Hash – This is similar to password theft attack but relies on stealing and reusing password hash values rather than actual plain text password.
Ways To Prepare Against Insider Threats
Following steps can be used to be prepared against insider threats:
- Employee Training
- Coordinate IT Security & HR
- Build A Threat Hunting Team
- Employ User Behavioral Analytics
Centex Technologies offers assistance to businesses in ensuring security from insider threats. For more information on cybersecurity solutions for businesses, contact Centex Technologies at (254) 213 – 4740.