When we hear about cyber security breaches, they tend to be about a cunning hacker in a far-flung country or a major technological breakdown. These stories are the ones that make headlines, and in a way, they are easier for the victims to admit to. The security threats seem to be beyond the company’s borders and control. But in reality, the majority of cyber attacks are caused by the actions – intentional or not – of people on the inside.
A survey conducted by Nuix found employee behaviour to be one of the biggest risks to the cyber security of organisations; a staggering 93% of respondents listed their own staff as the most prominent cyber hazard and said this persisted irrespective of the security solutions they put in place. Indeed, in the 2016 Cyber Security Intelligence Index, IBM found that 60% of all breaches were committed or caused by insiders. Three-quarters of these were malicious; the remainder were unwitting.
How breaches happen
Chelsea Manning and Edward Snowden demonstrated just how easy it can be to crack even the most high-tech and seemingly secure of information systems. They also showed us how much damage breaches like theirs can do. Cyber attacks can leave organisations with a bill that runs into the millions, and a reputational impact that is difficult, if not impossible, to recover from. And all it takes to cause this is a tiny slip-up or a few false moves on the part of an employee.
Deliberate breaches are sometimes committed by staff members who have access to sensitive company information. Particularly risky personnel include IT administrators and senior executives, who often have complete access to all of the organisation’s data and infrastructure, which makes their access credentials highly sought after. Some staff members hack and leak data, including passwords, to “get back” at the organisation for a perceived past injustice. Others sell information to rivals or other interested parties to fatten their bank balances.
The integrity of data can be compromised in a number of simple ways, many of which staff don't think about. These include misaddressed emails, sending confidential information to or from insecure home systems, and leaving devices logged in but unattended. These security threats can be minimised with regular in-house training and awareness-building exercises.
Imposters in the system
The classic case of wolves in sheep’s clothing, hackers on the outside can use information like log-in credentials, phished from employees’ accounts, to pose as them and gain access to the organisation’s systems. The criminals impersonate the blissfully unaware employees to get what they want and then erase all traces of their nefarious activities – making them difficult to catch. And because the breaches come from trusted sources, no warning flags are raised until it’s too late.
What you can do
To address the vulnerability of businesses to an insider attack, cyber security strategies need to change their approach. It’s not enough to simply guard the perimeter. As a first step, businesses need to identify their “crown jewels”, their most critical data, and then implement an advanced security solution that detects and blocks attacks – both external and internal – before any damage can be done.
In addition, IT admin staff and other employees with high levels of access to company systems and data need to be trained carefully and regularly, and monitored for any suspicious activity. BYOD policies can be beneficial, but they also need to be managed, as they can present a range of other risks.
Read our Global Threat Report to learn more about the cybersecurity threats your company faces.