For some years, businesses have been made aware of the security risks associated with common day-to-day computer use. Whether this is file sharing or simply sending an email, password protection and encryption have now become standard practice in order to protect a company’s sensitive material from outsider threats. But could your business’s biggest threat be coming from within?
An Insider Job
According to Verizon’s 2015 Data Breach Investigations Report, more than two-thirds of cyber attacks over the past 2 years have involved emails or websites which mimic legitimate and familiar sources in order to gather sensitive data unscrupulously.
However, Proofpoint’s Human Factor Report 2015 claims that, whereas in previous years these scams were targeted at business customers, these cons are now aimed at organisation employees. Internal-looking emails or websites are used to steal staff logins in order to access company systems and data. And who better to target than the click-happy, time-stretched sales, finance and middle management teams who happen to have high security clearance levels?
Sony Pictures fell victim to such an attack in early 2015 when fake Apple ID verification requests tricked many staff members into handing over their logins. US health organisation Anthem, along with two other major health insurers, meanwhile saw its employees besieged by typosquatting sites.
Why Login Credential Theft?
Focusing attacks on staff is an effective way of bypassing the vast majority of security measures in place. A valid system login grants access to data that neither a firewall, nor encryption, nor the network perimeter will stop, because the attacker is now indistinguishable from a legitimate user.
Cyber criminals also bank on the idea that organisations are too worried to monitor employee online behaviour for fear of breaching privacy. Some companies feel this may project the feeling that they don’t trust their employees; in reality, however, employees may be unintentional pawns or carriers.
Protecting Your Company from the Inside Out
Detecting a threat may be difficult. Recognising where there are weaknesses in the system, or changes to network behaviour, involves a deep understanding of company processes, especially if there isn’t any obviously peculiar behaviour, such as recorded logins at 3am or huge data downloads. That’s where analytical technology for internal profiling can come into use: a baseline of what each user normally does lets you spot the deviations that a stolen-but-valid login produces.
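The kind of internal profiling described above can be illustrated with a small behavioural baseline. This is an added example, not code from the article or from any product it mentions: it learns each user's usual working hours and typical download size from historical activity records, then flags later events that fall outside that profile (a 3am login, a transfer many times larger than the user's median, or a user with no history at all). The log format, field names, user names and all values are constructed for the example.

```python
"""Behavioural baseline for user activity logs (added example, not the article's code).

Log format (an assumption for this example, not any real product's format):
    <ISO timestamp> <user> <event> <bytes>
"""
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import datetime
import statistics

# Constructed historical activity used to learn each user's normal profile.
CONSTRUCTED_HISTORY = """\
2015-06-01T09:05:00 alice login 0
2015-06-01T09:40:00 alice download 120000
2015-06-01T13:15:00 alice download 95000
2015-06-02T10:02:00 alice login 0
2015-06-02T16:30:00 alice download 140000
2015-06-01T08:55:00 bob login 0
2015-06-01T11:20:00 bob download 150000
2015-06-02T09:10:00 bob login 0
2015-06-02T15:45:00 bob download 110000
"""

# Constructed new events to score against the learned profiles.
CONSTRUCTED_NEW_EVENTS = """\
2015-06-08T03:12:00 alice login 0
2015-06-08T10:30:00 alice download 2000000
2015-06-08T11:00:00 bob download 130000
2015-06-08T14:00:00 carol login 0
"""


@dataclass
class Profile:
    """What 'normal' looks like for one user: hours seen active, download sizes seen."""
    hours: set = field(default_factory=set)
    download_sizes: list = field(default_factory=list)


def parse_line(line):
    """Split one log line into (timestamp, user, event, bytes)."""
    ts, user, event, nbytes = line.split()
    return datetime.fromisoformat(ts), user, event, int(nbytes)


def build_profiles(lines):
    """Learn a Profile per user from historical log lines."""
    profiles = defaultdict(Profile)
    for line in lines:
        if not line.strip():
            continue
        ts, user, event, nbytes = parse_line(line)
        profiles[user].hours.add(ts.hour)
        if event == "download":
            profiles[user].download_sizes.append(nbytes)
    return dict(profiles)


def hour_distance(a, b):
    """Circular distance between two hours of the day (23 and 0 are 1 apart)."""
    d = abs(a - b)
    return min(d, 24 - d)


def score_event(profiles, line, hour_slack=1, size_factor=5.0):
    """Return the list of anomaly tags for one event; an empty list means 'looks normal'.

    hour_slack:  how many hours outside the seen set still counts as usual.
    size_factor: a download larger than size_factor * the user's median is flagged.
    """
    ts, user, event, nbytes = parse_line(line)
    profile = profiles.get(user)
    if profile is None:
        return ["unknown_user"]
    tags = []
    if all(hour_distance(ts.hour, h) > hour_slack for h in profile.hours):
        tags.append("off_hours")
    if event == "download" and profile.download_sizes:
        typical = statistics.median(profile.download_sizes)
        if nbytes > size_factor * typical:
            tags.append("large_download")
    return tags


def detect(profiles, lines):
    """Score every event and return only the anomalous ones as (line, tags) pairs."""
    findings = []
    for line in lines:
        if not line.strip():
            continue
        tags = score_event(profiles, line)
        if tags:
            findings.append((line, tags))
    return findings


if __name__ == "__main__":
    learned = build_profiles(CONSTRUCTED_HISTORY.splitlines())
    for line, tags in detect(learned, CONSTRUCTED_NEW_EVENTS.splitlines()):
        print(f"{', '.join(tags):<22} {line}")
```

The median rather than the mean is used as the size baseline so that one legitimately large historical transfer does not inflate what counts as normal, and the circular hour distance keeps a late-evening user's midnight activity from being mis-scored. In practice the profiles would be learned over weeks of real logs, and each finding would be a lead for an analyst to review, not an automatic verdict against the employee.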
You may also like to adopt the same method as Twitter and send your own staff fake phishing emails in order to raise awareness and increase security levels. Wombat Security did the same and sent its staff internal IT error messages which, if engaged with, would state:
"Oops! The email you just responded to was a fake phishing email. Don't worry! It was sent to you to help you learn how to avoid real attacks. Please do not share your experience with colleagues, so they can learn too."
Investing in secure file sharing services and making sure your data transfers are protected with end-to-end PGP-accredited encryption is vital; however, it’s also important to put additional procedures in place to protect your organisation and employees, since encryption does nothing against an attacker who holds a legitimate login.