The Insiders: A Rogues Gallery
Insider threats range in severity and scope depending on the insider’s level of access, skill, sophistication, and intention. Most, however, fall into one of three categories: imposters/external threats, malicious insiders, and non-malicious insiders.
- External threats/account takeovers occur when an outsider hijacks credentials and poses as a legitimate user. This imposter leverages the inherent trust of the organization’s infrastructure to gain access to critical data or dupe other users into installing additional malware. Perpetrators can be former employees acting out of malice or retribution, or outsiders using stolen credentials to access and take sensitive data.
- Malicious insiders – employees or other legitimate users like contractors – have access to privileged data and systems, and seek to cause direct or indirect harm to an organization. Most often, they act to negatively affect the confidentiality, integrity, or availability of the organization’s most valuable and sensitive information.
- Non-malicious insiders may still directly or indirectly cause an organization significant harm. By accidentally exposing sensitive data or falling prey to a phishing scam, these insiders open the door for an Advanced Persistent Threat (APT) to compromise the network.