INSIDER THREATS

An insider attack, also known as an insider threat, is a malicious assault carried out by insiders with authorized access to your bank’s computer system, network and resources. In this assault, inside attackers often aim to pilfer classified, proprietary or otherwise sensitive information and assets, either for personal gain or to provide information to competitors.

Frequently Asked Questions

  • Malicious Insiders
  • What are insider threats?
    Insider threats are users with legitimate access to company assets who use that access, whether maliciously or unintentionally, to cause harm to the business. Insider threats aren’t necessarily current employees, they can also be former employees, contractors, or partners who have access to an organization’s systems or data.  
  • How does the insider threat attack happen?
    Malicious insiders have a distinct advantage in that they already have authorized access to your company's network, information, and assets. They may have accounts that give them access to critical systems or data, making it easy for them to locate it, circumvent security controls and send it outside of the organization.
  • Where do the inside attackers come from?
    Inside attackers come from within your organization - they can be insiders in your company with bad intentions, or cyberspies impersonating contractors, third parties, or remote workers. They can work both autonomously or as part of nation-states, crime rings, or competing organizations. While they might also be remote third-party suppliers or contractors located all over the world, they have some level of legitimate access to your systems and data.
  • Why are insider threats so dangerous?
    Detecting insider threats is no easy task for security teams. The insider already has legitimate access to the organization’s information and assets and distinguishing between a user’s normal activity and potentially malicious activity is a challenge. Insiders typically know where the sensitive data lives within the organization and often have elevated levels of access, they don’t act maliciously most of the time; that’s why it’s harder to detect their harmful activities than it is to detect external attacks. As a result, a data breach caused by an insider is significantly more costly for organizations than one caused by an external attacker.
  • Why are you a target for insider threats?
    • Publicly available information helps foreign intelligence entities identify people with placement and access.
    • Contract information (bid, proposal, award, or strategies).
    • Company website with technical and program information.
    • Connections (partnerships, key suppliers, joint ventures, etc.) with other cleared or non-cleared companies.
    • Employee association with companies or technologies made public through scientific journals, academia, public speaking engagements, social networking sites, etc.
  • What do insider threats target?
    • Company unclassified networks (internal and extranets), partner and community portals, and commonly accessed websites.
    • Proprietary information (business strategy, financial, human resource, email, and product data).
    • Export-controlled technology.
    • Administrative and user credentials (usernames, passwords, tokens, etc.).
    • Foreign intelligence entities seek the aggregate of unclassified or proprietary documents which could paint a classified picture.
  • ADVERTISEMENT

    BOOKS

    ADVERTISEMENT

    COURSES & EDUCATION

    ADVERTISEMENT

    DEFINITIONS

    The threat that an insider will use her/his authorized access, wittingly or unwittingly, to do harm to the security of the United States. This threat can include damage to the United States through espionage, terrorism, unauthorized disclosure, or through the loss or degradation of departmental resources or capabilities.

    Read more
    ADVERTISEMENT

    Employee association with companies or technologies made public through scientific journals, academia, public speaking engagements, social networking sites, etc

    Read more
    ADVERTISEMENT

    ENTERTAINMENT

    At what point will infiltrating companies via the “insider threat model” become less costly and difficult than using malware? Threatpost discusses with a SolarWinds expert. As it becomes more difficult and expensive to infiltrate environments via malware, cybercriminals may start turning in the future to a more viable and less...

    Read more
    ADVERTISEMENT

    QUOTES

    Welcome Back!

    Login to your account below

    Retrieve your password

    Please enter your username or email address to reset your password.

    Add New Playlist