That's right. Not all the threats come from outside the company!! Employees can also be important threats for company's network. In this blog I am going to share information about two kinds of insider threats (for definitions I also used http://searchsecurity.techtarget.com ):
Insider threats are often disgruntled employees or ex-employees who believe that the business, institution, or agency has "done them wrong" and feel justified in gaining revenge. The malicious activity usually occurs in four steps or phases. First, the cracker gains entry to the system or network. Secondly, the cracker investigates the nature of the system or network in order to learn where the vulnerable points are and where the most damage can be caused with the least effort. Thirdly, the cracker sets up a workstation from which the nefarious activity can be conducted. Finally, the actual destructive activity takes place.
The damage caused by an insider threat can take many forms, including the introduction of viruses, worms , or Trojan horses; the theft of information or corporate secrets; the theft of money; the corruption or deletion of data; the altering of data to produce inconvenience or false criminal evidence; and the theft of the identities of specific individuals in the enterprise. Protection against the insider threat involves measures similar to those recommended for Internet users, such as the use of multiple spware scanning programs,
2. The other category that I am going to share information about is careless and untrained insiders which are duped or fall prey to social engineering type attacks.
Protecting a network and critical and sensitive data is done very differently for each type. Policies, procedures, training and a little technology can make a world of difference in reducing an organization's risk to careless insiders.