‘Trusted insider’ allegedly diverts $90,000 from National Maritime Museum

Insider threats in Australia

The trusted insider is one of several different types of “malicious insider,” which the Australian Cyber Security Centre defines in this way:

“Malicious insiders can be employees, former employees, contractors or business associates who have legitimate access to your systems and data, but use that access to destroy data, steal data or sabotage your systems.”

This does not include well-meaning employees who unintentionally expose your organisation to risk or authorise an incorrect payment.

Trusted insiders are individuals who have access to sensitive information and have been authorised to handle it. They may have worked for the organisation for years, hold a position of authority, or have access to high-level data, making it easier for them to cause damage without raising suspicion. A financial insider threat can lead to significant financial loss for the organisation, reputational damage, data theft, legal action and regulatory fines.

Insider threats can manifest in different ways, including theft of customer information or intellectual property, unauthorised access to financial systems or data, and social engineering attacks. Social engineering involves the use of psychological manipulation to trick employees into divulging sensitive information, such as passwords or personal data, that can be used to launch an attack.

Malicious insiders may act alone, or they might be influenced by an external third party who bribes or coerces them to act against the organisation’s interests for financial gain. That’s why it’s important to know the different types of insider threats in order to defend against them.

Protecting against insider threats

Unfortunately, insider threats are some of the hardest to identify and address. The simple reality is that sometimes employees, contractors and associates need to access sensitive information and systems as part of their job function, making it easier for them to bypass threat detection.

Preventing malicious insider threats requires a multi-faceted approach, including insider risk controls that align your financial controls with your cybersecurity strategy. This includes security measures like least-privilege access policies or segregation of duties, regular monitoring of network activity and background checks for staff with access to sensitive data. Employee training programs can also help build a strong anti-fraud culture and educate staff on how to identify and report suspicious activity like unusual work hours or requesting unnecessary access to account information.

Lastly, a technical layer of security like Eftsure’s solution can standardise and automate some of these controls, making it harder for malicious actors to circumvent your defences – even if they’re intimately familiar with how your systems work.

Read more about how to minimise the risks of insider threats.