In response to news that South African bank Postbank was forced to replace 12-million bank cards after employees stole the ‘master key’ and more than $3 million, cybersecurity experts commented below.
In response to news that South African bank Postbank was forced to replace 12-million bank cards after employees stole the ‘master key’ and more than $3 million, cybersecurity experts commented below.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
When it comes to insider threats, insiders with privilege inflict the most damage. In this case, privileged users abused their access to the bank\’s master key. Further, this single key was protected by the four eyes principle where at least two people were required to reproduce the full access key, as the 36-digit code had been divided between multiple parties. So much for added security. The corruption at this bank was coordinated across multiple bank managers and VIPs.
The insider threat is not always a lone wolf. As we see here, it can be a team of insiders who band together to orchestrate a coordinated effort to exfiltrate data or IP. If you\’re not securing your sensitive data from insider threats, you\’re missing the single most detrimental threat vector: crooked employees.