Insider Threat News, Articles and Updates

The curse of the ex-employee - A horror story

Some departing employees have no loyalties to their previous employer, so it is imperative that deprovisioning employees' corporate access on their last day is an absolute priority.

Dangerous data breach at Heathrow: How insiders can threaten public safety

A USB stick was found in the streets of London containing over 70 unencrypted security files from Heathrow International Airport - so what security precautions could and should have prevented this danger to the public?

AVGater hijacks functionality of AV tools to turn them against themselves

Researcher uncovers method of hijacking the functionality of some AV tools in order to compromise endpoints. Trend Micro, Emisoft, Ikarus, Kaspersky, Check Point's ZoneAlarm and Malwarebytes have fixed their offerings.

Update: Trump's Twitter account switched off - could be contractor

The person that deactivated US President Donald Trump's Twitter account briefly Thursday, originally pegged by the company as human error by an employee, reportedly was instead a third-party contractor.

Contractor's only IT technician steals 30GB of Australian defence secrets

30GB of data stolen from a small Australian military defence contractor which included technical information on jet fighters, transport aircraft, 'smart bomb kits.' Culprit, the lone IT technician.

Ensure security employees quit without taking passwords, encryption keys

Departing employees is an issue not often considered as potentially affecting a company's cyber-security. However, an employee can potentially eave while maliciously keeping sensitive data including passwords, key codes, etc.

Organisations must protect themselves and end-users from insider threat

Debbie Garside says simple end-user error is the biggest risk you face when it comes to data. But instead of end users facing the sack for making honest mistakes employers should be putting systems in place that protect them.

Verizon data found on open AWS S3 server

Security researchers have found another publicly accessible Amazon S3 server that in this case hosted about 100MB of Verizon Wireless data that was allegedly operated by a Verizon employee.

Why apps & the rise of shadow IT are posing new threats to organisations

The app-blended lifestyle poses problems for CIOs, CISOs and those responsible for keeping an organisation safe and secure. Mike Hemes, says shadow IT is a real issue and one we can only see increasing over time.

End users plus social media can add up to a corporate data breach

People are the last line of defence in your organisation's security infrastructure, yet half the population are ignorant of ransomware, and many don't understand phishing, but trust that social media security is high says Colin McTrusty.

Insider threat: Employees at the heart of companies' data security

Firms need to evaluate their security procedures around flexible working now, before it leads to a damaging data breach says Jean-Frederic Karcher.

How to protect the mainframe from the enemy within - monitor all use

While illegitimate access to mainframes is dificult to obtain for attackers, the consequences can be severe when they do succeed explains John Crossno.

SC Roundtable: Defending against insider threat with trust and engagement

Rather than battening down your network in response to the insider threat, you could combat the danger through trust and engagement, as we learned at the SC Media UK Roundtable in Edinburgh - sponsored by Zonefox.

Misaligned incentives and executive overconfidence aids criminals

Intel Security, CSIS Survey: Only half of IT staff agree with executives that their cyber-security strategies have been implemented

Lawsuit claims employee who moved to rival firm stole confidential info

In the ongoing antitrust case brought against Ticketmaster by rival SongKick, Ticketmaster is accused of using information stolen from SongKick by ex-employee.

ICYMI: Hotel ransom; Router botnet; Gamer breach; Data loss; insiders

In Case You Missed It: Hotel ransomware report; Routers hijacked for botnet; X-Box, Playstation breach; Data centre vulnerability; insiders paid for secrets.

Dark web criminals recruiting your staff to sell secrets for cash says report

A RedOwl report claims that insider recruitment is "active and growing" with chatter across public and private forums about the subject doubling from 2015 to 2016.

Shodan finds confidential Europol terrorist dossiers

Unprotected classified Europol files were linked to the internet and accessible via a hard drive found through Shodan

Former US national security official criticises background checks

Keith Lowry took time on a trip to Australia to warn that background checks do not make the cut when trying to stop insider threats.

Labour leadership contender Owen Smith fails simplest of security tests

Aside from the Labour party's internal struggles and bitter upcoming leadership election, it seems the two candidates are both pretty bad at security

The inside man: Decoding the threat from within

While the biggest threat these days might be your employees, does that danger really mean distrusting your own team, asks Max Metzger, and what actions should you take?

ICYMI: SC Awards; Lenova flaw; TeamViewer flaw?; ransomware rise

The latest In Case You Missed It (ICYMI) looks at SC Awards winners; Flawed app in Lenova; TeamViewer potential flaw; ex-staff with access; ransomware rise continues.

Insider threat could use ransomware-as-a-service to profit from victims

Researchers now think that Ransomware-as-a-Service can be exploited particularly effectively by those with insider knowledge of an organisation

Video: The insider threat versus identity and access management

What are organisations doing wrong when it comes to dealing with the insider threat? That was the topic of conversation when we sat down recently with Mark McClain.

Where do you start when building an insider-threat programme?

Identify and prioritise your critical data, where it's held and who has access to it as the first steps to build your insider-threat programme advises Keith Lowry, and look at it as a business and not a technology issue.

Ofcom investigates former employee after data breach

Media watchdog sends out notification letters to partners after ex-employee offered data to "major broadcaster"

RSA 2016: Malware Still Prevalent on Corporate Network, Proofpoint Warns

Humanity is still the biggest vulnerability for companies, according Ray Kalember, senior vice president of cyber-security strategy at Proofpoint

Why CISOs must act now to lock down third party risk

Third parties are an ignored risk says Raimund Genes who advises, review your contracts and prioritise your third parties based on risk - for example, what kind of data can they access, for what purpose and in what volume?

Insiders pose greater threat to businesses than outsiders

The Insider Threat is the most dangerous way to gain inside access to sensitive information.