Posted by Onyx IT ● Oct 20, 2022 7:00:00 AM

Attacks carried out by insiders are among the most difficult to detect. An "insider" is anyone who has legitimate access to your corporate network and data, whether through a login or another authorized connection.

Because insiders have authorized system access, they bypass certain security measures, such as those designed to keep intruders out. Since a logged-in user is not considered an intruder, these security measures are not triggered.

Three troubling statistics from a recent report by the Ponemon Institute illustrate the importance of addressing this threat. Insider attacks are getting worse, taking longer to detect and growing in scope.

The report shows that in the last two years:

  • Insider attacks have increased by 44%.
  • Companies take 85 days to contain an insider threat, up from 77 days in 2020.
  • The average cost of combating insider threats has increased by 34%.

It’s important for companies to understand what constitutes an insider threat. That’s the first step towards mitigation.

 

4 Most Common Types of Insider Threats

One reason insider threats are difficult to detect is that there is not just one type of threat. Employees, suppliers and hackers can all commit insider security breaches. To further complicate detection, some can be malicious and others accidental.
Below are the four main types of insider threats to corporate networks.

 

1) Malicious/Disgruntled Employee

A sales employee who leaves the company may decide to take all their contacts with them. This is a malicious theft of company data.


Another example of this type of insider attack is a disgruntled employee. They may be angry at the supervisor who just fired them and decide to harm the company. They might plant ransomware or make a deal with a hacker to hand over their credentials for money.

 

2) Careless/Negligent Employee 

Some insider threats are due to lazy or untrained employees. They do not intend to cause a data breach. However, they may inadvertently share secret data on a platform that is not secure, or they may use a friend's computer to log in to their business apps, completely unaware of the security consequences.

 

3) Third Party with Access to Your Systems

Outsiders having access to your network is also a very real problem. Contractors, freelancers, and vendors can all pose a risk for insider breaches.

You need to ensure that these third parties are fully vetted before granting them access to the system. You should also have your IT partner vet them for any data security concerns.

 

4) Hacker That Compromises a Password 

Compromised credentials are one of the most dangerous types of insider threats. This is now the #1 data breach threat around the world.

If a cybercriminal can access an employee's credentials, that criminal becomes an "insider" your computer system thinks is a legitimate user.

 

Options to Mitigate Insider Threats

Insider threats are often difficult to detect after the fact. However, if you take steps to mitigate them, you can nip these threats in the bud. Being proactive can save you from a costly incident, one that you may not know about for months.

Here are some of the best tactics for reducing the risk of insider threats.

 

Thorough Background Checks

When hiring new employees, make sure you conduct a thorough background check. Malicious insiders usually have red flags in their employment history. The same goes for any vendors or contractors who have access to your systems.

 

Endpoint Device Solutions

Mobile devices now account for about 60% of endpoints in an enterprise. However, many organizations don't use a solution to manage device access to resources.

Deploy an endpoint management solution to monitor device access. You can also use it to add devices to a security list and block unauthorized devices by default.

 

Multi-factor Authentication & Password Security

One of the best ways to combat credential theft is multi-factor authentication. Hackers have a hard time bypassing the second factor because they rarely have access to a person's mobile device or FIDO security key.

Combine this with password security. This includes things like:

  • Requiring strong passwords in your cloud applications
  • Using an enterprise password manager
  • Requiring unique passwords for all logins

 

Data Security Training for Employees


Training can help you mitigate the risk of a data breach due to carelessness. Train your employees on proper data handling and security policies for sensitive information.

 

Network Monitoring

How can you catch someone who has access to your system doing something wrong? This is done through intelligent network monitoring.

Use AI-powered threat monitoring. This will allow you to detect strange behaviors as soon as they occur, for example someone downloading a large number of files or someone logging in from outside the country.
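The two behaviors named above (bulk file downloads and logins from an unexpected country) can be shown with a simple rule-based check. This is an added example, not code from the original article or from any Onyx IT or vendor product, and it uses fixed rules rather than AI. The log format, user names, allowed-country list and hourly threshold are constructed assumptions.

```python
from collections import Counter

ALLOWED_COUNTRIES = {"US"}      # assumption: where staff normally sign in
MAX_DOWNLOADS_PER_HOUR = 25     # assumption: tune to your own baseline

def build_sample_log():
    """Constructed events in the form: timestamp user action key=value."""
    lines = [
        "2022-10-18T09:02:11Z alice login country=US",
        "2022-10-18T09:05:40Z alice download file=q3-forecast.xlsx",
        "2022-10-18T09:41:03Z alice download file=price-list.pdf",
        "2022-10-19T01:58:30Z bob login country=US",
        "2022-10-19T03:12:45Z carol login country=XX",  # XX = placeholder code
        "malformed line without fields",
    ]
    # bob pulls 40 files within a single hour in the middle of the night
    lines += [f"2022-10-19T02:{m:02d}:00Z bob download file=client-{m}.pdf"
              for m in range(40)]
    return "\n".join(lines)

def parse_events(text):
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or "=" not in parts[3]:
            continue  # skip lines that do not match the expected shape
        ts, user, action, detail = parts
        key, value = detail.split("=", 1)
        events.append({"ts": ts, "user": user, "action": action, key: value})
    return events

def find_anomalies(events):
    alerts = []
    per_hour = Counter()
    for e in events:
        if e["action"] == "login":
            country = e.get("country", "unknown")
            if country not in ALLOWED_COUNTRIES:
                alerts.append((e["user"], f"login from {country}"))
        elif e["action"] == "download":
            per_hour[(e["user"], e["ts"][:13])] += 1  # bucket: YYYY-MM-DDTHH
    for (user, hour), count in sorted(per_hour.items()):
        if count > MAX_DOWNLOADS_PER_HOUR:
            alerts.append((user, f"{count} downloads in hour {hour}"))
    return alerts

if __name__ == "__main__":
    for user, reason in find_anomalies(parse_events(build_sample_log())):
        print(f"ALERT {user}: {reason}")
```

Alice's two ordinary downloads stay under the threshold and raise nothing, which is the point of tuning the limit to normal activity before alerting on it.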

 

Looking for a Solution to Stop Insider Attacks?

A layered security solution can help you mitigate all four types of insider threats. Onyx IT is ready to help you with a robust yet affordable solution. Contact Onyx IT today for a free consultation.

 

Article used with permission from The Technology Press.