Thursday, August 15, 2013

Most Cyber-crime Traced to Insiders

We like to think that it's hackers, especially those dastardly  Chinese and Russians, who are responsible for all the cyber crime going on today.   Turns out the real culprit is corporate insiders who can't resist the allure of vast wealth from stealing and peddling information.

A 2013 report by Kroll Advisory Solutions suggests that more than two-thirds of all cyber cases involving theft of data stem from corrupt corporate insiders – but that companies’ desire to deal with incidents quietly and internally means they rarely reach the public eye.

Coverage of cyber attacks has typically focused on the dangers posed by foreign governments, or on the high-visibility strikes of social “hacktivists” like Anonymous or LulzSec. Yet many incidents stem from the work of corrupt inside officials or employees, often abusing their privileged access to networks or using low-tech methods like dumping data to personal USBs and selling them for financial gain.

Defence ministries and companies make particularly attractive targets. For such institutions, the security of confidential information is vital, and any cyber breach can have serious implications for defence plans or costly procurement projects.

The temptation to blame outside actors, however, remains strong across all industries. China and Russia are favourite targets. In 2011, Renault was forced to withdraw allegations of Chinese involvement in a data theft that proved to be an attempt by the firm’s own computer protection officer to fraudulently create work for a friend’s cybersecurity consulting business.

No comments: