MI5 warns IT staff targetted by foreign agencies
Insider threat at all levels
Using espionage methods that echo those seen during the Cold War, junior IT employees are being particularly singled out to help steal information or infiltrate the network with malware, thereby threatening national security.
Cyber attacks have been classified as a tier one threat to the country, according to the national security risk assessment, meaning they are both likely to occur and to have a significant impact, and recent months have seen a growing number of high-level conversations between the security service and executives, to promote digital defence increases. Meanwhile, the government is also focusing on improved cyber security at banks, utility companies, energy providers and other nationally crucial organisations that are particularly vulnerable to attacks.
However, despite many security improvements, few organisations have adequate internal protections in place to guard against malicious actions of their own staff. Especially now, when even the most junior IT employees can be highly coveted intelligence assets due to their often wide-ranging network privileges.
“The threat of espionage did not end with the cold war,” Paul Stockton, who until last year was US assistant secretary of defence, told the FT. “The risk continues to exist in the UK, the United States and all of our security partners that foreign powers will recruit insiders to serve the interests of those powers, either for ideological reasons or for money. There have been repeated incidences of this.”
Stockton, now managing director at Sonecon, points out that it is not necessarily the employees at the highest levels that pose the highest risk within an organisation. “Rather it is systems administrators and others who hold the keys to the IT kingdom that pose such significant potential threats.”
Ross Brewer, vice president and managing director for international markets at LogRhythm, commented that the traditional focus on anonymous, external hackers overlooks the significance of insider threats—from all employee levels—leaving businesses starkly vulnerable. “Continuing to ignore this could now lead to catastrophic consequences that threaten not just the company, but the entire nation's secrets,” Brewer said in an email to SC.
“What's worrying is just how often this still goes undetected. In a recent LogRhythm survey, we found that almost half of employees within the UK admitted to having accessed or taken confidential information from the workplace, while 79 percent claimed their illegitimate actions had never been identified. This indicates a gross level of negligence by companies who really should know better. Only by taking control and monitoring both external and internal activity will businesses be able to compete with the bad guys.”