stephen pritchard | infosecurity today | 3 november 2015
PA’s John Skipper, a cybersecurity expert, is quoted in an article in Infosecurity Today which looks at the issue of insider attacks.
The article explains that the insider attacks are on the rise and that this type of attack, alongside criminal attacks are the most costly form of breach.
John says: “Our experience shows a significant growth in blended attacks, where the outsider attacker takes advantage of insiders who can be manipulated or who have been careless. That is the greatest risk for organisations.”
He goes on to say that deliberate malicious attacks are still rare, but very damaging.
The article explains that due to poor security practises such as password being shared between users, hackers can break into organisations and plant malware, attack other systems and even carry out social engineering attacks on key members of the business.
“It is possible to take a primarily technological route and to hack in through the firewall and then capture credentials,” says John. “This is either because they’re left in an insecure way, like passwords in Excel spreadsheets, or because of systems that are not properly configured and allow passwords to be captured.”
Cyber crime tipping point survey
DOWNLOAD THE REPORT
The article explains that organisations should have a consistent policy in place but even more importantly they should bolster their protection against insiders by improving their incidence response so they are ready when an insider breach occurs. This is likely to be increasingly important as more hackers turn to the insider route to stealing information.
John says: “Relatively few CIOs have their heads around this completely. They’re becoming aware that it’s a key area to think about.”
John adds that “the majority of CIOs we work with are reasonably confident in boundary security. But few can monitor what is going on in their networks. That’s where the focus is now.”
The article concludes with John explaining that organisations are aware of insider threats and are aware that they need to act fast: “Most sophisticated organisations are making the assumption that some bad stuff will get in, and some already is in, and the ability to respond is at the top of the agenda.”