Insider threats have cost US organizations almost $40 billion due to employee theft and fraud according to Verizon’s 2014 Data Breach Investigations Report. Sony, Citibank and the latest Carbanak attack that used employee information to pull off the biggest bank heist in history are just a few examples of attacks coming from the inside of an organization’s network.
These threats are prevalent and difficult to detect. One out of four breaches are caused by malicious insiders and 229 is the median number of days that threat groups were present on a victim’s network prior to detection. This leaves ample time for attackers to wreak havoc on corporate networks, causing irreparable damage to their reputations as well as their bank accounts.
Lancope has a variety of new resources including an Infographic on insider threats, an insightful blog post by CEO Mike Potts (http://www.lancope.com/blog/ignore-insider-threats-your-own-peril) and a new eBook “Combating the Insider Threat.”
TK Keanini, CTO of Lancope, has identified and coined the term “muleware” which represents a hybrid of an external and internal attack. In the book, TK explains what muleware is, and why he expects it to become more prevalent with the increasing use of technologies that protect users’ anonymity, such as the TOR file sharing network and cryptocurrencies like Bitcoin. “Combating the Insider Threat” covers:
- The different types of insider threats – negligent, malicious and compromised
- Insider threat motives and attack methods
- Lessons learned from Bradley Manning and Edward Snowden
- Various safeguards for deterring insider threat activity
- How network logs enable organizations to swiftly shut down insider attacks and investigate previous incidents
- The Top 10 Ways to Combat Insider Threat
The book can be downloaded here http://www.lancope.com/resources/ebook/combating-insider-threat
About Lancope
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.