Guest post by Dr Jessica Barker MBE, author of Hacked: The secrets behind cyber attacks
Malicious insiders are a unique threat in the world of cyber security. Most internal organizational issues are non-malicious: people make mistakes within systems that are rarely designed to support them, usually with high levels of security friction and insufficient training and tools. Internal people with malicious intent are much less common but can be deeply damaging.
Hacked, insights by Dr Jessica Barker
Unlike external attackers, these individuals already have privileged access to an organization’s networks, systems, and data, making their attacks potentially more devastating.
At the heart of some insider threats is the simple motive of financial gain. Individuals may exploit their access to sensitive company data for personal profit, such as selling trade secrets to competitors, committing fraud, or engaging in identity theft. If the insider has the offer of a new job, there can be a temptation to take data from their existing employer. This was a theme of the infamous Formula 1 ‘Spygate’, in which Nigel Stepney stole 780 pages of confidential information from Ferrari, handing it to Mike Coughlan, then chief designer at McLaren, seemingly with a view that the two could use the information as a springboard to secure new jobs at another team.
Financial motivation and ambition were apparently not the only driving factor for Stepney’s actions. Having risen through the ranks of motor racing, Stepney was chief mechanic at Ferrari when Schumacher ruled the racecourse in the early 2000s. Recognised as pivotal in the team’s success, it seems he was sorely disappointed when he did not get a promotion.
This is a common factor in malicious insider activity, as I explore in Hacked: The Secrets Behind Cyber Attacks. Those who feel undervalued, overlooked, or aggrieved justify their malicious activity against their employer. The desire for revenge, or a perceived levelling of the playing field, can push an otherwise loyal employee to rationalize their harmful actions as justified payback.
In a similar way, some insiders are motivated by personal beliefs or affiliations that are at odds with their employer’s actions or values, as claimed by Edward Snowden. They might leak sensitive information to press outlets, activist groups, or even foreign entities to expose what they perceive as unethical practices or to advance a particular cause.
Some malicious insiders are not turned, but instead are planted. Corporate or state-sponsored espionage involves insiders who spy on their employers on behalf of a third party. Insiders motivated by espionage are often recruited, coerced, or bribed by external entities seeking to gain a competitive edge or national security advantage.
In other cases, insiders are not planted or tempted by external groups, but rather are coerced. Threats to personal safety, blackmail, or manipulation can compel someone to steal or sabotage data. These individuals find themselves with no other perceived option due to the circumstances.
Recognizing the diverse motivations behind malicious insider actions is essential for developing effective security strategies. Thoroughly screening potential hires and conducting regular checks on existing employees, especially those with access to critical systems, is a fundamental step. Using the principle of ‘least privilege’ helps to ensure that employees have only the access necessary for their roles. Monitoring tools support detection of unusual activity patterns that could indicate malicious intent.
Beyond all of this, it is important not to overlook the importance of awareness and culture. Building a positive and proactive culture of cyber security, in which employees are empowered to practice healthy security behaviours makes it harder for malicious insiders to operate without standing out. Fostering a positive work environment is just as important, especially in the current economic climate. Organizations can do this, for example, by addressing potential sources of disgruntlement through fair treatment, transparent communication, and opportunities for professional growth.
Dr Jessica Barker MBE is the author of Hacked: The Secrets Behind Cyber Attacks, published by Kogan Page.
See more breaking stories here.
More about Irish Tech News
Irish Tech News are Ireland’s No. 1 Online Tech Publication and often Ireland’s No.1 Tech Podcast too.
You can find hundreds of fantastic previous episodes and subscribe using whatever platform you like via our Anchor.fm page here: https://anchor.fm/irish-tech-news
If you’d like to be featured in an upcoming Podcast email us at [email protected] now to discuss.
Irish Tech News have a range of services available to help promote your business. Why not drop us a line at [email protected] now to find out more about how we can help you reach our audience.
You can also find and follow us on Twitter, LinkedIn, Facebook, Instagram, TikTok and Snapchat.