From the course: The Cybersecurity Threat Landscape
Explore the risk of insider threats
- [Instructor] When we think about the cybersecurity threat landscape, it's easy to focus on attackers coming from the outside but internal threats can sometimes be just as dangerous if not more dangerous than outside threats. In this video, I'll cover what insider threats are and why we should be concerned about them. Insiders can include anybody who has inside information about your organization's data, IT systems, and security practices. This can include current or former employees, vendors with internal access, third party contractors, and business partners. The reason why insider threats can sometimes be more dangerous than outside threats is because trusted insiders have been given access to assets and data based on that trust and that access can be misused or abused. Insider attacks can also be hard to detect because trusted insiders may have legitimate access that allows them to access and steal data without going through firewalls or other controls that could track their activity. Types of malicious insider attacks include sabotage, where the goal is to damage systems or destroy data. Fraud, which can come in many forms, but often involves criminal financial transactions. Theft of sensitive data or intellectual property. And espionage, where the attacker steals sensitive data to sell to competitors. An example of a real world malicious insider attack was the case of a trusted software engineer at a cloud services provider who went rogue. She hacked into one of their customers using a firewall vulnerability that she found. She was then able to access accounts of millions of credit card customers. The hacked company recovered from the attack and patched the vulnerability but they estimated the total cost of the incident to be around 150 million dollars. Unintentional insider threats include human error, bad judgment, falling victim to a fishing attack or malware, and unintentionally aiding an attacker. An example of an unintentional insider threat was the case of an employee who had a question about how to format some of the data on a company spreadsheet. He emailed the spreadsheet to his wife's personal email account to ask her for help. While this may have seemed like a harmless action, it turned out that the spreadsheet had hidden columns which included sensitive employee data. This turned his simple email into a major security breach that had to be reported to the state's attorney general and likely cost the company millions of dollars. The Ponemon Institute regularly publishes reports on the cost of insider threats. Their research shows that the average cost from insider threats in North American companies is millions of dollars and the cost is rising every year. That's why we can expect that insider threats will continue to hold a place in the cybersecurity threat landscape for years to come.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.