Just how bad is the insider threat. Traditionally, businesses have built defenses against malicious activity from the outside and inwards towards the business infrastructure. This means the security infrastructure that many business rely on fail to account for the insider threat. However, as we will present in this post through statistics, the insider threat poses an equally, if not more, higher risk to businesses.
A Closer Look at Recent Insider Threat Examples
1. The 2015 cyber attack against Ukrainian power companies resulted in malicious outsiders gaining access to the system through a phishing email targeted at IT staff and system administrators.
2. Businesses don’t expect their trusted employees to go rogue. This happened with the NSA, when Edward Snowden accessed, downloaded and extracted confidential information through his position. All information retailed to NSA surveillance programs were accessible to any employee, and/or contractor, he had the clearance to access through an NSA computer.
3. Here’s a more common example. A malicious insider causes 90% of a business’s networks to fail. Before a major holiday, a technical staff member received a poor performance review. In retaliation, the insider used their authorized access to send malicious code to the business outside of work hours.
4. A electrical engineer is recently fired, and he is very unhappy about the situation. The former employee deletes all data on devices issued to them by the business. This results in loads of information being unrecoverable.
In the above examples, we have two out of the three traditional threat incidents.
1. The malicious insider threat. These behaviors have the motive to harm the business in someway. This results in missing data, or financial re progressions.
2. The negligent insider threat. More often, system failures and lost data results from poorly education employees making negligent decisions. Cyber education needs to be integrated into your business strategy, and all employees of the business need to be involved. This means you, C-Suite executives. This type of behavior results in two ways. Either the employee is uneducated on potential threats (as seen in the Ukrainian power companies incident) and malicious outsiders gain access through spoofed phishing emails. Or, the employee is very aware of the potential threat, but the procedures in place impede on their work. This non-compliance results in them opening the doors ‘wide-open’ for dangerous activity.
3. The accidental insider. Accidents happen, but these types of accidents can be very costly. These breaches are common, when an employee accidentally misplaces valuable information or deletes information without knowing. Verizon’s Data Breaches Incident report reveals that 30% of the information security incidents in 2015 resulted from these types of accidental insiders.30% of the information security incidents in 2015 resulted from these types of accidental insiders. More #insiderthreat statistics @ITSecCentral - Click To Tweet
Businesses heavily depend on trusted employees to access critical systems, make good decisions for the business and carry out vital operations. Despite advances in technology, humans are still one of the major contributors to data loss and technology breaches. The rising insider threat is largely attributed to the increasing concentration of computer power and network access privileged users. The options are simply easier and more robust. Now more than ever, malicious insiders have the knowledge and access to wreak havoc in technology systems that can ultimately go undetected by traditional security systems. User-based analytic systems are the next step to bridging this gap and combating this threat.
Insider Threat Statistics: You Need to Know These
- 62% of business users report they have access to company data that they probably shouldn’t see, according to the Ponemon Institute.
- Also according to Ponemon Institute, 43% of businesses need a month or longer to detect employee’s accessing unauthorized files.
- A study by Mimecast revealed, 45% of IT executives say malicious insider attacks is one of the risks that they are most unprepared for.
- One study by Gartner says, 62% involved employees looking to establish a second stream of income off of their employers’ sensitive data, 29% stole information on the way out the door to help future endeavors and 9% were saboteurs.
- Inadvertent insiders (those that unknowingly do harm) were responsible for more than two-thirds of total records compromised in 2017, according to IBM.
- 64% of respondents said losses due directly to their most disruptive fraud could reach US$1 million, according to PwC’s 2018 Global Economic Crime & Fraud Survey.
- According to Verizon 2018 Data Breach Investigations Report, over a quarter (28%) of attacks involved insiders.
Are you convinced? Major data breaches and financial consequences happen when employees go rogue or when they’re simply negligent. The threat is building, and businesses need to take these statistics into consideration when forming their information security strategy.
This article was originally published on June 2017 and updated May 2018.