With all the recent news surrounding cyber attacks, you may think that the majority of security breaches are perpetrated by outside attackers. However, this is not so. In reality, 55% of all attacks are carried out by malicious insiders or inadvertent actors.
Such actors include:
- Disgruntled employees who still have old privileges
- Third-party contract workers
- Insiders who take advantage of expired or orphaned accounts and sell classified information for financial gain
- Inadvertent insiders who fall prey to phishing scams or social engineering schemes that grant access to outside attackers
In IBM’s 2015 Cyber Security Intelligence Index, it reveals that its security services experienced approximately 81 million security events in 2014. This amounted to over 12,000 attacks and 109 incidents for each of their clients—a 36% drop in attacks compared to what they saw in 2013. The number of incidents, however, stayed the same.
The Index also shows that the leading category of all security incidents in 2014 was “Unauthorized Access.” In fact, Unauthorized Access was shown to be nearly twice as prevalent in 2014 than in 2013 among their top 5 industries.
Those industries include:
- Finance and insurance
- Information and communication
- Retail and wholesale
- Energy and utilities
Why Have Insider Threats Become More Prevalent?
For starters, the rise of social media, cloud mobility, and big data is making threats hard to identify while also providing more ways to access protected information. Social engineering (a non-technical method of intrusion that attempts to trick people into breaking normal security procedures, such as persuading them to run malware-laden email attachments or convincing them to freely give up sensitive information) has shifted from annoying spam emails to legitimate attacks. Many people have even made spamming a business of sorts.
There are many for-profit operators that create and sell spam campaigns to trick inadvertent insiders to open shady attachments and links. While the current volume of spam is comparable to that of 2013, the percentage of spam carrying malware has jumped from 1% in 2013 to about 4% in 2014.
So, the reason for the increased prevalence of insider threats seems to be that they are proving to be more profitable for spammers to attack.
How to Defend Against Insider Attacks
- Set up a network monitoring system that can track where data is coming from and going to.
- Implement better security protocols that limit the amount of information a given employee can access.
- Monitor those with privileged access.
- Be careful with who you trust.
- Set up safeguards, such as encryption, to protect sensitive information in the case that someone does gain unauthorized access.
- Do not store all of your sensitive information in one place.
- Train your employees to be able to recognize social engineering schemes and set up procedures for what to do when they come across one.
Do you know how safe your network is? Contact PerformanceIT today to schedule a free network analysis and see how we can make your network more secure.