US school districts lose millions in email scams
Learn how US school districts were tricked into losing millions through email scams and what you can do to defend against them.
When it comes to security threats and fraud risks, we often talk a lot about hackers and people outside of businesses breaking into companies’ networks to steal information and data – but a very, very real threat lies within every single organisation.
Insider threats from employees and third parties who either deliberately or accidentally provide access to cybercriminals are on the upswing. And businesses need to safeguard against them.
So, how do you identify potential insider threats and reduce your risks of falling victim? Here’s everything you need to know.
An insider threat is exactly what it sounds like – a security risk inside your organisation. It could be a disgruntled or compromised current or former employee or a business partner or associate who misuses legitimate access to your network.
However, not all insider threat incidents are deliberate – in fact, the most common insider threats come from employees who unintentionally provide access to cybercriminals.
The insider threat is increasing, with 74% of businesses reporting more frequent insider threat cases in 2023 than in previous years, and 48% of businesses believing insider threats are more difficult to detect and prevent than external cyber attacks.
While there are several subsets of insider threats, they fall into two categories – malicious and unintentional.
Otherwise known as a malicious insider threat, this type of insider threat involves deliberate efforts to exploit an employee’s proximity to organisational processes and information. In these cases, an employee, contractor or third-party business uses legitimate credentials to access – or facilitate access to – sensitive and confidential information with malicious intent, which is what we saw in the case of the National Maritime Museum.
The motivation for a malicious insider attack can vary. For example, it could be a disgruntled employee who wants to sabotage the business to get even for a perceived lack of recognition or reward, or a former employee who feels unjustly treated.
Malicious insiders are incredibly dangerous as they have an advantage over external attackers, given their knowledge of a company’s security policies and procedures – and, as a result, its areas of weakness.
One subset of malicious insider threats involves criminal coercion. For example, an employee or other person with access may be paid, bribed or blackmailed to provide access to hackers, competitors or nation-state actors to cause business disruption, leak customer information, and steal intellectual property and other confidential information.
This can also happen through credential theft, wherein cybercriminals steal the username and password of a targeted individual. They can accomplish this by using tactics like phishing or malware, tactics that artificial intelligence (AI) is helping them turbo-charge.
Research from Ponemon and Proofpoint indicates that credential theft is on the rise, with incidents doubling since 2020 and costing an average of $670,600 per incident.
Human error accounts for 90% of cyber attacks, and unintentional insider threats are the primary risk for businesses when thinking about insider threats.
Unintentional insider threats aren’t deliberate or malicious, but they account for the vast majority (87%) of insider attacks. Typically they result from negligent or accidental behaviour.
Negligent insiders don’t necessarily have malicious intent – however, through carelessness or maybe even a flagrant disregard for security procedures or protocols, they create opportunities for unauthorised access.
Negligent insiders may misplace or lose a company laptop or storage device, ignore software updates and patches, or not follow multi-factor authentication requirements.
To illustrate, research shows that around 50% of people give family and friends access to work-issued devices.
An accidental unintentional insider threat comes from an insider making a genuine mistake. For example, clicking on a malicious link, inadvertently infecting the business’s systems, or sending confidential or sensitive information to an incorrect email address.
Insider threats can be difficult to detect, given that access to sensitive information and systems is genuine – however, there are some things to be on the lookout for.
Cyber security is a company-wide responsibility, and people and culture (that is, HR) departments have a critical role to play. From ensuring everyone within the organisation is conscious of and is prioritising cyber security to minimise unintentional cyber threats, to the early identification of people who may pose a malicious insider threat, people and culture can play a key role in helping reduce the insider threats a business faces.
Learn how US school districts were tricked into losing millions through email scams and what you can do to defend against them.
Fraud can occur at any time, but there are specific periods when businesses in the United States are particularly vulnerable to fraudulent …
Oil giant Halliburton confirms a data breach after a cyberattack. Learn what happened, the potential impact, and how to protect your business.
End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.