Insider Threat – Part Deux
In a recent article “Inside the Insider Threat” I explained how devastating a breach could perpetrated by an insider. One of the most critical issues is that these attacks come from inside an organization by seemingly trusted employees.
Just last week an insider attack was thwarted at Elon Musk’s Tesla, dodging a potentially devastating bullet. The FBI uncovered the attempted attack when they discovered a supposed Russian state backed cyber crime gang had tried to bribe one of the company’s employees with a $1million bounty to install malware designed to steal corporate secrets and lock down the operations center at its Gigafactory site near Reno, Nevada.
The big takeaway from this audacious attempt is that these are troubling times when everyone seems to be on edge. This uncertainty makes the adage “Money Talks” ever more pertinent.. While at Tesla the haul is likely worth more than a smaller company the threat is no less serious or damaging. It could be simple greed or a staff member who needs a bit extra cash to make ends meet or maybe pay for an elderly parents care or even extortion. In either case the bribe could be considerably less. Regardless of how much the bribe is or why it would be taken it is still your company that will suffer the damage.
Insider threats need to be a major concern by any company with more than 1 employee and must be a serious consideration in its cybersecurity plan. In the case of Tesla, as quoted by Kevin Lancaster of RapidFire Tools, “These staffers were specifically recruited to do this job by bad actors that were trying to steal Tesla’s proprietary secrets, disrupt their business, score a big payday, and make a splash in the hacking world. While the company was fortunate that its staffers weren’t taken in by the cybercriminals’ sales pitch, relying on employee satisfaction to prevent insider threats isn’t a strong defensive strategy – you need to do a little bit more.”
Our Three Tools Will Help You Fight Back Against Insider Threats
Learn what to look for to learn to spot and stop insider threats. Knowing how to read the signs of a problem, whether it’s a potentially malicious insider or a careless employee, can save your business. Get our “Stop Insider Threats resource package, featuring the “6 Things You Need to Know” whitepaper and a “Combating Insider Threats” eBook to see the things to watch for and what to do. DOWNLOAD IT>>
Add additional protection to data and systems with MFA. Take the sting out of a staffer’s stolen password with a secure identity and access management solution like Passly. Multifactor authentication means that entry requires a second identifier, and single sign on creates individual Launchpads for each user, making it easy to control access points and remove access to critical operations if an account is compromised.
Take steps now to reduce your risk of a business catastrophe caused by insider threats – because while no one wants to think that they can’t trust their staffers to do right by their business unfortunately, it’s the truth.Contact Us