The Insiders: A Rogues Gallery
- External threats/account takeovers occur when an outsider hijacks credentials and poses as a legitimate user. This imposter leverages the inherent trust of the organization’s infrastructure to gain access to critical data or dupe other users into installing additional malware. Perpetrators can be former employees acting out of malice or retribution or outsiders using stolen credentials to access and take sensitive data.
- Malicious insiders – employees or other legitimate users like contractors – have access to privileged data and systems, and seek to cause direct or indirect harm to an organization. Most often, they act to negatively affect the confidentiality, integrity, or availability of the organization’s most valuable and sensitive information.
- Non-malicious insiders may still directly or indirectly cause an organization significant harm. By accidentally exposing sensitive data or falling prey to a phishing scam, these insiders open the door for an Advanced Persistent Threat (APT) to compromise the network.