Saturday, June 15, 2024

When Data Theft Is an Inside Job

From the University of Nebraska in the U.S. to a leading Canadian credit union, and a dustup between Tesla Motors and China’s Alibaba, insider data theft is trending in IT security anxiety. Insider data theft isn’t new, but it’s a growing problem for organizations of all types and sizes. That’s because personal and business data theft has been increasing in recent years, and many of the perpetrators are insiders.

Worried about Data Theft?

According to a recent survey, 90 percent of organizations feel exposed to ‘insider’ data exploits.IT security professionals, as well as business leaders, are worried, and for good reason. Insider data security threats can expose organizations to data theft and many other types of cybersecurity hazards.

When we hear or read the phrase, “data breach,” it’s easy to think of bad actors wanting to harm or steal data from a business or government agency. But many data breaches occur every day. In these attacks, current or former employees steal data and try to profit from the theft. Verizon 2018 Data Breach Investigations Report cites that more than a quarter (28 percent) of attacks reported were inside jobs. And about three-quarters of these exploits were motivated by profit. “Pure fun” as the report described, was another popular motive.

Plenty of Blame to go around

Insider theft incidents can happen for many reasons. If you’re wondering why insider data theft rates are increasing, look no farther than organizations with:

  • Employees who have a lax attitude about theft. Many employees view data theft as no more serious than taking a pen or paper clips home. In the Black Hat USA 2019 survey of 476 IT security professionals, 24 percent admitted that they would steal company data to sweeten a job application at a competitor.
  • Employeeswho are careless or lack IT security knowledge. Insider threats don’t always involve intentional malice. Often, the cause is employee lack of data protection knowledge or sometimes, simple carelessness.
  • Technical decision makers, who don’t build an IT security culture.Manyemployers don’t use the principle of least privilegeto control access to company data and other assets. Also, employers often fail to train employees in specific security practices and fail to establishan IT security mindset.
  • Modern technology, which exposes IT infrastructure to exploits. Increasing use of APIs and cloud-based services are just two of the time and money-saving advances that make it easier to find and steal datain corporate networks.Technology makes it faster and easier to communicate with and connect to customers, partners, and suppliers worldwide. However, the same technologyprovides more opportunities for data theft.

However, modern DevOps security practices also use advanced monitoring and analytics tools. These advances can detect and prevent data from being accessed, manipulated, or exported by bad actors.

Building Solutions That Protect Against Insider Data Theft

Technologyis a big part of the solution to insider data theft. Companies wanting to combatthis problem are building(or subscribing to)solutions based on several important capabilities. These theft-prevention solutions enable organizations to:

  • Know who’s on the network and what they’re up to. If you can identify suspicious users, monitor their behavior, and alertsystem admins when signs of insider threats occur, you’re more likely to stop bad actors before they can get away.This approach is especially effective when solutions extend surveillance of direct employees to contractors and vendors, who get access to data and systems.
  • Recognize suspicious behavior. Many security organizations use machine learning to compare the behavior of all users against established patterns of normal activity. Non-standard activity helps to identify unusual events and suspicious behavior.
  • Provide immediate alertsof threatening behavior or unauthorized data access.It’s essential that IT and security staffmembers get immediate notification whenanyone gets unnecessary or unauthorized access to sensitive data.
  • Know who interacts with sensitive data and where and when they do it. It’s important to know who in an organization engages with valuable data. For example, employees departing a staff role could be taking data to a black-hat data merchant or to a competitor to increase their chances of landing a job.

Now, companies can subscribe to advanced data theft mitigation services that provide these capabilities and more.

Advanced machine learning and data analytics capabilities monitorand audit behaviour patterns for suspicious activity at on-premises or cloud facilities.

By monitoring many behaviours and signatures in a wide range of data sources,these services can detect and prevent data theft incidents before they occur.And, these convenient, cost-effective cloud services can help organizations avoid the costsand risks of lost productivity, customer trust, and brand reputation.


Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles