Fear the Insider Threat

When you hire an employee, especially one with a sensitive role like a system administrator, what kind of background checks do you perform? Typical organizations will check candidates’ criminal records and perhaps their credit scores, on top of a series of interviews with various people within the organization.

Good enough?

What if that person is responsible for keeping government secrets critical to the security of their country? Time for a more in-depth check. To obtain a Top Secret clearance with the US Government, for example, investigators interview neighbors, former colleagues, and family members. They pore over bank records and credit card statements, looking for anything fishy as well as any reason to believe the candidate would be susceptible to blackmail. And the interview process is far more rigorous and detailed than your typical job interview process.

And yet, as the Edward Snowden NSA PRISM debacle showed, such clearance checks are far from foolproof. An intelligent, shrewd malefactor may still be able to pass all the checks, fly through all the interviews.

And while we may presume Snowden had nefarious intent when he applied for his job at government contractor Booz Allen Hamilton, there may be far more individuals who were trustworthy at the time of hire, but through some subsequent disaffection or alienation, feel they must turn upon their employers.

Either way, organizations essentially have no protections against such insider threats. Someone must have root access. Someone must be able to reboot servers. Someone must administer the identity management system. Someone must be in charge of the passwords and digital certificates. And nobody is 100% trustworthy.

Compartmentalization helps mitigate the possible damage, to be sure. Even people with Top Secret clearances can only access top secret information on a “need to know” basis. But ask yourself: what did Edward Snowden or Bradley Manning need to know? Compartmentalization is ineffective, and because it essentially prevents collaboration across an organization, it’s almost always counterproductive.

Ask yourself: what if someone in your organization with root access suddenly turned on you and did as much damage as they could? Could they erase systems of record? Destroy all backups? Delete Cloud accounts?

su root, cd /, rm -rf *, people. It’s as easy as that.
