Welcome to our site

welcome text --- Nam sed nisl justo. Duis ornare nulla at lectus varius sodales quis non eros. Proin sollicitudin tincidunt augue eu pharetra. Nulla nec magna mi, eget volutpat augue. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Integer tincidunt iaculis risus, non placerat arcu molestie in.

What/Who are Insider Threats?

Wednesday, April 21, 2010

That's right. Not all the threats come from outside the company!! Employees can also be important threats for company's network. In this blog I am going to share information about two kinds of insider threats (for definitions I also used http://searchsecurity.techtarget.com ):

1. Malicious hacker (also called a cracker or a black hat) who is an employee or officer of a business, institution, or agency. The term can also apply to an outside person who poses as an employee or officer by obtaining false credentials. The cracker obtains access to the computer systems or networks of the enterprise, and then conducts activities intended to cause harm to the enterprise.

Insider threats are often disgruntled employees or ex-employees who believe that the business, institution, or agency has "done them wrong" and feel justified in gaining revenge. The malicious activity usually occurs in four steps or phases. First, the cracker gains entry to the system or network. Secondly, the cracker investigates the nature of the system or network in order to learn where the vulnerable points are and where the most damage can be caused with the least effort. Thirdly, the cracker sets up a workstation from which the nefarious activity can be conducted. Finally, the actual destructive activity takes place.

The damage caused by an insider threat can take many forms, including the introduction of viruses, worms , or Trojan horses; the theft of information or corporate secrets; the theft of money; the corruption or deletion of data; the altering of data to produce inconvenience or false criminal evidence; and the theft of the identities of specific individuals in the enterprise. Protection against the insider threat involves measures similar to those recommended for Internet users, such as the use of multiple spware scanning programs,anti-virus programs, firewalls, and a rigorous data backup and archiving routine.

2. The other category that I am going to share information about is careless and untrained insiders which are duped or fall prey to social engineering type attacks.

Protecting a network and critical and sensitive data is done very differently for each type. Policies, procedures, training and a little technology can make a world of difference in reducing an organization's risk to careless insiders.

Check this out, the man can recognize the potentiality of being insder threat by just looking at their pictures!!!!


Post a Comment