An astonishing 1 in 4 data breaches happen because of someone inside the organization and not a malicious actor. In 2018 a data breach report by Verizon found that 25% of attacks were made by insiders. This is a giant threat because insiders could have admin credentials or unrestricted access. What is worse is that they often know exactly where to to get the most sensitive data. The report also highlighted that the insiders data breaches that were not a simple mistake were after money, or intellectual property theft or other misuse of the employer’s data.
Cyber criminals also want a piece of the pie and the report estimates that they are behind 50% of all data breaches. It is unclear if hacking was the primary method, but it is a big challenge to fully protect yourself with insiders leaving the back door wide open for criminals to come in and access your most sensitive data. Insider data breaches combined with external threats subject companies to more risk than ever before. Any company or organization that does not proactively test their infrastructure is asking for trouble and will most likely experience some form of data breach in the near future.
After the Money
Financial gain is the most common reason behind cyber crime and believe it or not medical data seems to be the most valuable at the moment. The healthcare industry has the most at risk because of the sensitivity of medical records, social security numbers, insurance fraud, sprinkle in HIPPA laws or other protections. Just when you think it could not get any worse health care providers run the risk of employees and insiders misusing patient records or publicly exposing a database by error.
Most organizations stay focused on external attacks and where they should be focused is managing the threats and risks internally. Education alone will not solve the problem of insider data breaches, but it is a good start. Most companies have the basic firewall or email blocking settings to keep employees from clicking links or strange attachments, but more can and must be done.
Your employees are the core of your business and Human Resource files are a treasure chest for cyber criminals. Identity theft is a hot topic in the news and everyone is aware of the common practice of criminals filing a fake tax return. All you need is a name, birthday, and SS# and you are on your way to becoming a cyber criminal. The sad irony is that some insiders with access to HR files could actually get the same idea. Not all mistakes are malicious, but identity theft and tax fraud actually happen and they can be devastating for any organization.
Oops My Bad, I just leaked our database
When small errors become a tsunami it is easy to look back and say I should have done this or why did we not have a system in place? Hindsight is always 20/20 right? According to the report 1 out of 5 data breaches was a mistake that could have been avoided. What is even more shocking that that 20% of people have clicked at least one phishing link in the last 365 days. We all know no to click on this stuff right?
Leaving the database open is a nightmare no one wants to deal with but what is worse is that 68% of breaches took several months to discover. Sadly most state actors or cyber criminals are also on the hunt for insider mistakes too. Even the most experienced admin is a few mouse clicks away from a massive data breach if they are not careful. There are services such as Dtex Systems that use machine learning and analytics to create real time alerts of insider threats. This biggest thing to remember is always be proactive, educate your team, protect your data and put systems in place that prevent or lower the risk of an insider data breach. This is the minimum you can do and remember technology changes fast so you should have someone on your team who is up to date with the evolving threats.
The report: Verizon’s DBIR report analyzed 53,000 security incidents and 2,216 breaches across 65 countries. These were real data breaches investigated by Verizon and third-party contributors in