Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-maximum-upload-file-size domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/agcomtech/public_html/wp-includes/functions.php on line 6114

Warning: Cannot modify header information - headers already sent by (output started at /home/agcomtech/public_html/wp-includes/functions.php:6114) in /home/agcomtech/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/agcomtech/public_html/wp-includes/functions.php:6114) in /home/agcomtech/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/agcomtech/public_html/wp-includes/functions.php:6114) in /home/agcomtech/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/agcomtech/public_html/wp-includes/functions.php:6114) in /home/agcomtech/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/agcomtech/public_html/wp-includes/functions.php:6114) in /home/agcomtech/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/agcomtech/public_html/wp-includes/functions.php:6114) in /home/agcomtech/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/agcomtech/public_html/wp-includes/functions.php:6114) in /home/agcomtech/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/agcomtech/public_html/wp-includes/functions.php:6114) in /home/agcomtech/public_html/wp-includes/rest-api/class-wp-rest-server.php on line 1893
{"id":2705,"date":"2021-02-17T14:01:40","date_gmt":"2021-02-17T20:01:40","guid":{"rendered":"https:\/\/agcomtech.com\/?p=2705"},"modified":"2021-02-26T10:37:21","modified_gmt":"2021-02-26T16:37:21","slug":"the-dangers-within-understanding-insider-threats","status":"publish","type":"post","link":"https:\/\/agcomtech.com\/the-dangers-within-understanding-insider-threats\/","title":{"rendered":"The Dangers Within: Understanding Insider Threats"},"content":{"rendered":"\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t

\n\t\t\t\t\t\t

\n\t\t\t\t

\n\t\t\t\t\t

\n\t\t\t\t\tThe<\/span>\n\t\t\t\t\n\t\t\t\t\tDangers<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t\tWithin: Understanding Insider Threats<\/span>\n\t\t\t\t\t<\/h3>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
The year 2020 witnessed an unprecedented onslaught of cybersecurity threats across the world as the global workforce underwent a forced transition to remote working. However, not all cybersecurity threats come from the outside. In a study conducted by Bitglass, 61 percent of businesses surveyed reported at least one insider-related cybersecurity incident in the last year. This could be anything from negligent employees who lack cybersecurity training to rogue employees who facilitate a breach for personal gain.<\/p>
Considering the increasing frequency of insider threats and the severity of data breaches resulting from them, it goes without saying that all organizations need to take proactive steps to combat this serious security risk.<\/p>
Before taking any preventative security measures, it is necessary to understand who causes these risks and why. In this blog, we\u2019ll discuss all aspects of insider threats including the motivations behind them, potential actors, primary targets, consequences and more.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t
Actors Behind Insider Threat<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
Anyone with access to critical information can pose a potential insider threat if the information is unknowingly or maliciously misused, resulting in a data breach. Businesses need to identify these actors if they want to curb insider threats effectively.<\/p>
Insider threat types can be classified as follows:<\/p>
Negligent insiders<\/strong> \u2013 This may include careless executives or employees with access to privileged information. These insiders don\u2019t have any motivation \u2013 money or otherwise. They are simply careless in their actions or may have fallen victim to a scam. For instance, in one particular incident involving an apparel manufacturer, a careless employee clicking one phishing link from his laptop was enough to compromise the entire network.<\/li>
Malicious insiders<\/strong> \u2013 These are insiders who intentionally abuse their credentials for personal gain. These actors have an advantage over external attackers since they have access to privileged information and are aware of the security loopholes. They may be motivated by monetary gain or may have a personal vendetta against the company.<\/li>
Contractors or vendors<\/strong> \u2013 Sometimes, even third-party vendors and contractors who have temporary access to an organization\u2019s IT network can cause a data breach. The motivation in this case could also be money or vengeance. The US Army Reserves payroll system was once targeted in a similar attack, where a contractor who lost his contract activated a logic bomb to create a delay in delivering paychecks.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
<\/div>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t $\"\"$ \t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t
Motivations Behind Malicious Insider Threats<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
Malicious insiders are usually motivated by one or more of the following reasons:<\/p>
Money or greed<\/strong> \u2013 Most cases of non-negligent insider threats are motivated by money and personal financial gain. A greedy insider with access to restricted information is most often the culprit in this case. For example, two employees of General Electric stole the company\u2019s intellectual property about calibrating turbines and started a competing firm with this information. After years of investigation, they were convicted in 2020.<\/li>
Revenge <\/strong>\u2013 Another familiar reason for insider threats involves revenge. Disgruntled employees, who believe they have been wronged by the company they once worked for, are usually behind this type of threat. In August 2020, a disgruntled former employee of Cisco deleted hundreds of virtual machines and caused about $1.4 million in damages to the company.<\/li>
Espionage <\/strong>\u2013 Many large organizations across the world have been victims of economic espionage from competing firms. This is mainly done to gain a competitive advantage in the market. A state-owned Chinese enterprise perpetrated espionage against American semi-conductor firm Micron by sending compromised insiders and stole valuable trade secrets.<\/li>
Strategic advantage<\/strong> \u2013 Intellectual property theft against large corporations is most often a result of trying to gain a strategic advantage in the market. Korean smartphone giant Samsung became a victim recently when its blueprint for bendable screen technology was stolen by its supplier.<\/li>
Political or ideological<\/strong> \u2013 There have been many documented cases of insider threats motivated by political or ideological factors. These cases often concern national pride or revenge against another nation for the attack.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t
Why Insider Threats Are Dangerous<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t $\"\"$ \t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
Insider threats often have a massive impact on your data, primary assets and your bottom line. On top of it all, these threats are often hard to detect and contain. A study by the Ponemon Institute estimates that it takes 77 days on average to contain insider threats once detected.<\/p>
Targets primary assets:<\/strong> Insider threats often target the primary assets of an organization including proprietary information, product information, business plans, company funds, IT systems and more.<\/li>
Results in huge costs:<\/strong> The same study by the Ponemon Institute estimated that the average cost of insider threats has increased 31 percent to $11.45 million in the last two years. These costs include downtime losses, loss of business transactions, loss of business opportunities and more.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t
Don't Wait to Protect Your Business<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
Although the consequences of insider threats may be disastrous, you don\u2019t have to face this problem alone. If you are wondering how you can mitigate these threats and prevent losses, we\u2019ve got you covered. Reach out to us today to understand the different ways by which you can build a resilient cybersecurity posture against insider threats.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\tArticle curated and used by permission.<\/em>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\tData Source\t\t\t\t<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
Bitglass<\/a> 2020 Insider Threat Report<\/li>
https:\/\/www.zdnet.com\/article\/how-one-hacked-laptop-led-to-an-entire-network-being-compromised\/<\/a><\/li>
https:\/\/www.theregister.com\/2017\/09\/22\/it_contractor_logic_bombed_army_payroll<\/a><\/li>
https:\/\/www.fbi.gov\/news\/stories\/two-guilty-in-theft-of-trade-secrets-from-ge-072920<\/a><\/li>
https:\/\/www.bankinfosecurity.com\/ex-cisco-engineer-pleads-guilty-in-insider-threat-case-a-14917<\/a><\/li>
https:\/\/www.justice.gov\/opa\/pr\/prc-state-owned-company-taiwan-company-and-three-individuals-charged-economic-espionage<\/a><\/li>
https:\/\/edition.cnn.com\/2018\/11\/30\/tech\/samsung-china-tech-theft\/index.html<\/a><\/li>
IBM Cost of Insider Threats: Global Report 2020<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"
The Within: Understanding Insider Threats The year 2020 witnessed an unprecedented onslaught of cybersecurity threats across the world as the global workforce underwent a forced transition to remote working. However, not all cybersecurity threats come from the outside. In a study conducted by Bitglass, 61 percent of businesses surveyed reported at least one insider-related cybersecurity […]<\/p>\n","protected":false},"author":2,"featured_media":2707,"comment_status":"closed","ping_status":"open","sticky":false,"template":"elementor_header_footer","format":"standard","meta":{"ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"0","ocean_second_sidebar":"0","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"0","ocean_custom_header_template":"0","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"0","ocean_menu_typo_font_family":"0","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"0","_jetpack_memberships_contains_paid_content":false,"ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"off","ocean_gallery_id":[],"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[418],"tags":[],"class_list":["post-2705","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-infoposts","entry","has-media"],"jetpack_publicize_connections":[],"aioseo_notices":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/i0.wp.com\/agcomtech.com\/wp-content\/uploads\/2021\/02\/Ad-2-No-One-Type-of-Insider-Threat.jpg?fit=1200%2C628&ssl=1","_links":{"self":[{"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/posts\/2705","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/comments?post=2705"}],"version-history":[{"count":4,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/posts\/2705\/revisions"}],"predecessor-version":[{"id":2723,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/posts\/2705\/revisions\/2723"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/media\/2707"}],"wp:attachment":[{"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/media?parent=2705"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/categories?post=2705"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/agcomtech.com\/wp-json\/wp\/v2\/tags?post=2705"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}