Tough economic climate can heighten insider threat
As companies downsize, they need to keep an eye out for disgruntled employees
Computerworld - With a faltering economy resulting in increased jobs cuts and corporate belt tightening, security analysts are warning companies to be especially vigilant about protecting their data and networks against disgruntled employees.
As it is, one of the biggest threats to corporate data and systems traditionally has come from insiders, who with their privileged access to data and systems, have the potential ability do more accidental or malicious damage than even the outside attacker.
That threat greatly increases at times when companies are laying off staff, cutting back on raises and bonuses, deferring promotions, consolidating operations and outsourcing work to save money.
"All of these increase risk for the company from an insider perspective," said Shelley Kirkpatrick, director of assessment services at Management Concepts, a Vienna, Va.-based management consultancy.
Tough economic times create uncertainty in the workplace, she said. Employees for instance, can be worried about losing jobs and promotions, concerned about financial liabilities, mortgages and rising energy costs. "When there is uncertainty, it creates stress for employees. It makes the company more vulnerable" to threats, said Kirkpatrick, who was previously a behavioral threat assessment researcher at the Homeland Security Institute.
The threats can manifest themselves in a number of ways. Insiders with access to corporate information, such as customer data or corporate secrets, might want to steal or disclose it for financial gain or simply to get back at their companies. Those with technical-savvy might seek to sabotage corporate data and systems by planting malicious code and so-called logic bombs that are designed to delete data at a future date on critical systems.
The danger is not confined to such actions alone. Stressed, unhappy workers make easy targets for opportunistic rivals as well, Kirkpatrick said. "If I am a competitor looking for a good opportunity to get trade secrets out of my competition, I am going to go after the people who may be stressed emotionally," she said.
Examples of insider sabotage
The damage that insiders with privileged access can do should not be underestimated as several incidents in the past show, analysts said. In July, for instance, a disgruntled administrator for the city of San Francisco locked access to a critical network by resetting administrative passwords to its switches and routers and then refusing to divulge them to officials for days.
In a similar incident, a Unix systems administrator at Medco Health Solutions Inc. who was concerned about being laid off, planted a logic bomb on an internal system that, had it gone off, would have deleted data on 70 servers.
While both incidents involved technically savvy insiders, similar threats can come from non-IT staff as well. In November 2006, a scientist working at DuPont admitted to stealing corporate data valued at around $400 million shortly before he left the company to work at a rival.
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!