A good amount has been written about the cyber attack that was launched at SONY’s digital network recently. There have been charges and counter charges about exactly who is behind the attacks with many fingers pointing at North Korea as the culprits. While North Korea denies being behind the cyber attack, the FBI remains convinced they are and has stuck by their accusation that the Pyongyang regime is at fault.
However, there are voices claiming that the attack was an ‘insider job’ and some evidence exists to substantiate that claim. Insiders in this case may or may not be at the bottom of the falderal, but insider threats in the cyber domain are a real threat to cyber security and should be taken very seriously. Ali, (2014) reporting on a recent poll writes that the “…cyber-security firm Clearswift ran an online poll of 300 IT decision-makers, which found that 83 per cent had experienced a data security incident in the past year, with 58 per cent believing that in their breach an insider was the culprit”. Sixty percent of breaches coming from insider threats is a rather astonishing and very troubling figure!
Researchers have studied insider threats and found there are a number of reasons for their ‘actions’ ranging from financial gain to blackmail, hostility to just plain carelessness. By and large the biggest insider threat is from carelessness. This usually takes the form of simple actions like poor password protection, opening emails from unknown sources, allowing unauthorized access to an employee computer as well as other forms of ‘social engineering’. Defensive barriers utilizing hardware and software that is properly configured do much to protect a digital network, but defending against a threat vector from the inside is much more difficult to deal with.
Part of the answer is to create a climate of cyber awareness in the workplace, which is where cyber security awareness training comes into play. Such training initiatives concentrate on getting employees to ‘buy into’ the concept of cyber security, getting them to take it seriously, and increasing their awareness of what it is, their important role in maintaining it, and what the personal cost to them would be should a breach occur.
The jury still seems out on who the SONY culprit may be, but if nothing else it has increased the conversation about insider threats and the damage they can do. Hopefully because of this event, further attacks from the inside – voluntary or involuntary will be lessened.
Ali, H. (2014). Enemy within: The danger of ‘insider hacking’.