
Insider Threats


The Top 5 Internal Security Threats

Believe it or not, most big company security break-ins involve your employees.

By Cindy Waxer on April 12th, 2007

For years, the specter of viruses, Trojan horses and worms caused many a chief security officer to lose sleep. But it’s the enemy within that is now prompting IT staffers to ramp up security efforts. According to Forrester Research, the majority of security breaches involve internal employees, with some estimates as high as 85 percent.

Inadvertent employee error, laptop theft, contractors’ unauthorized access to information, disgruntled employees, password mismanagement – all of these factors can mean drastic revenue loss, legal liabilities, diminished productivity and brand erosion.

What are the top internal security threats – and how can you avoid them?

1. Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization in an effort to gain unauthorized access to confidential data.

HSBC Confirms Data Theft By Former Employee

From: www.cio.com – Jeremy Kirk, IDG News Service, December 11, 2009

HSBC confirmed Friday that a former employee stole client data but said the number of records taken was less than 10.

The theft highlights ongoing problems that companies often have with their own employees, who may steal sensitive data for later profit or revenge before their employment is terminated. The data has ended up in the hands of French authorities, which have been investigating up to 3,000 people thought to be avoiding taxes, according to French media reports. The records were stolen around the end of 2006 or in early 2007 by an employee who worked in the IT department, according to an HSBC spokesman.

Miami inside hacker sentenced to one year - SC Magazine US

July 16, 2009

A former computer support technician will serve one year in prison for hacking into his former employer's computer network and causing more than $30,000 worth of damage.

Lesmany Nunez, 30, of Miami, pleaded guilty in federal court in Miami on Tuesday to charges of computer fraud, after he was accused of hacking into the computer network of his former employer, IT network and design company Quantum Technology Partners (QTP), according to the U.S. Attorney's Office. Nunez accessed QTP's computer network from home by using an administrator username and password, changed the passwords of all the IT system administrators, shut down most of the company's servers, and deleted other files.

Because of Nunez's actions, QTP could not operate its business normally for several days and incurred more than $30,000 in cost responding to the incident, assessing the damage done and restoring the system to its previous condition, the U.S. Attorney's Office said in a news release.

A Chilling Reminder of the Internal Threat. Enterprises must treat insider risk as they do external threats.

Layoffs prompt insider threat fears, cybersecurity survey finds.

Former Employees Face Five-Year Sentence After Allegedly Hacking Company Database

System access was still possible for almost two years using old passwords, indictment says

Two former employees of an Indiana parts supplier have been indicted for illegally accessing their old employer's computer systems after moving to a competitor.

Scott Burgess, 45, and Walter Puckett, 39, were indicted yesterday for computer intrusion following an investigation by the FBI and the Indiana State Police, according to Timothy Morrison, U.S. Attorney for the Southern District of Indiana. The indictment alleges that Burgess and Puckett accessed the Stens Corp. computer systems, based in Jasper, Ind., from various places on approximately 12 different occasions without authorization. The indictment also alleges the computer intrusions were performed "for the purpose of gaining commercial and personal financial benefit."

Burgess and Puckett were working for a business competitor of Stens' at the time of the intrusions, according to the indictment.