Insider threats have cost US organizations almost $40 billion due to employee theft and fraud according to Verizon’s 2014 Data Breach Investigations Report. Sony, Citibank and the latest Carbanak attack that used employee information to pull off the biggest bank heist in history are just a few examples of attacks coming from the inside of an organization’s network.
These threats are prevalent and difficult to detect. One out of four breaches are caused by malicious insiders and 229 is the median number of days that threat groups were present on a victim’s network prior to detection. This leaves ample time for attackers to wreak havoc on corporate networks, causing irreparable damage to their reputations as well as their bank accounts.
Lancope has a variety of new resources including an Infographic on insider threats, an insightful blog post by CEO Mike Potts (http://www.lancope.com/blog/ignore-insider-threats-your-own-peril) and a new eBook “Combating the Insider Threat.”
TK Keanini, CTO of Lancope, has identified and coined the term “muleware” which represents a hybrid of an external and internal attack. In the book, TK explains what muleware is, and why he expects it to become more prevalent with the increasing use of technologies that protect users’ anonymity, such as the TOR file sharing network and cryptocurrencies like Bitcoin. “Combating the Insider Threat” covers:
- The different types of insider threats – negligent, malicious and compromised
- Insider threat motives and attack methods
- Lessons learned from Bradley Manning and Edward Snowden
- Various safeguards for deterring insider threat activity
- How network logs enable organizations to swiftly shut down insider attacks and investigate previous incidents
- The Top 10 Ways to Combat Insider Threat
The book can be downloaded here http://www.lancope.com/resources/ebook/combating-insider-threat
About Lancope
Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day Malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope’s security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team.For more information, visit www.lancope.com.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.