
‘Trusted insider’ allegedly diverts $90,000 from National Maritime Museum

Niek Dekker

An IT support contractor allegedly diverted an estimated total of $90,000 from the Australian National Maritime Museum (ANMM) after changing bank account details stored in the museum’s system to his own. The 23-year-old Sydney man appeared in court on 3 March, 2023, where he faces multiple criminal counts.

According to the Australian Federal Police (AFP), the museum detected financial “anomalies” related to “contracted companies” in November 2022. The AFP was eventually notified after independent forensic investigators identified the alleged fraud.

Cyber-crime operations investigators claim that they’ll be able to connect the defendant to “unauthorised access of various systems and servers,” with authorities alleging that the man illegally accessed the financial information of several other businesses and individuals. They allege that he then used this information to make fraudulent credit card purchases.

AFP Detective Leading Senior Constable Clare Yammine said trusted insiders remain a “real threat” in Australia.

“The AFP is committed to preventing and prosecuting cybercrime and fraud committed against Australians and businesses. We will allege the motivation for this activity was greed, and it came at the expense of hard-working Australians who are already feeling the impacts of everyday living expenses.”

Insider threats in Australia

The trusted insider is one of several different types of “malicious insider,” which the Australian Cyber Security Centre defines in this way:

“Malicious insiders can be employees, former employees, contractors or business associates who have legitimate access to your systems and data, but use that access to destroy data, steal data or sabotage your systems.”

This does not include well-meaning employees who unintentionally expose your organisation to risk or authorise an incorrect payment.

Trusted insiders are individuals who have access to sensitive information and have been authorised to handle it. They may have worked for the organisation for years, hold a position of authority, or have access to high-level data, making it easier for them to cause damage without raising suspicion. A financial insider threat can lead to significant financial loss for the organisation, reputational damage, data theft, legal action and regulatory fines.

Insider threats can manifest in different ways, including theft of customer information or intellectual property, unauthorised access to financial systems or data, and social engineering attacks. Social engineering involves the use of psychological manipulation to trick employees into divulging sensitive information, such as passwords or personal data, that can be used to launch an attack.

Malicious insiders may act alone, or they might be influenced by an external third party who bribes or coerces them to act against the organisation’s interests for financial gain. That’s why it’s important to know the different types of insider threats in order to defend against them.

Protecting against insider threats

Unfortunately, insider threats are some of the hardest to identify and address. The simple reality is that sometimes employees, contractors and associates need to access sensitive information and systems as part of their job function, making it easier for them to bypass threat detection.

Preventing malicious insider threats requires a multi-faceted approach, including insider risk controls that align your financial controls with your cybersecurity strategy. This includes security measures like least-privilege access policies or segregation of duties, regular monitoring of network activity and background checks for staff with access to sensitive data. Employee training programs can also help build a strong anti-fraud culture and educate staff on how to identify and report suspicious activity, such as unusual work hours or requests for unnecessary access to account information.
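The controls named above (least privilege, segregation of duties and monitoring) can be checked against a log of supplier bank-detail changes. The following is an added example, not part of the original article or of any vendor's product; the log format, role names and every record in it are constructed assumptions.

```python
# Added example: review a supplier bank-detail change log for control failures.
# Field names, roles and all records are constructed for illustration.
import csv
import io
from collections import defaultdict

# Assumption: only these roles may edit supplier bank details.
ROLES_ALLOWED_TO_EDIT = {"accounts_payable"}

# Constructed sample of a change log: who changed which supplier's account.
SAMPLE_LOG = """\
timestamp,supplier,new_account,changed_by,role,approved_by
2022-10-03T10:15:00,Harbour Cleaning,111-222 10000001,alice,accounts_payable,bob
2022-10-14T23:40:00,Dockside Electrical,999-000 55550000,it_support1,it_contractor,
2022-10-21T22:05:00,Keel Catering,999-000 55550000,it_support1,it_contractor,it_support1
2022-11-02T09:30:00,Mast Signage,333-444 20000002,bob,accounts_payable,alice
"""

def review_changes(log_text):
    """Return {row_number: [reasons]} for changes that break a control."""
    rows = list(csv.DictReader(io.StringIO(log_text)))
    # Map each destination account to the suppliers now pointing at it.
    suppliers_by_account = defaultdict(set)
    for row in rows:
        suppliers_by_account[row["new_account"]].add(row["supplier"])

    findings = {}
    for number, row in enumerate(rows, start=1):
        reasons = []
        if row["role"] not in ROLES_ALLOWED_TO_EDIT:
            reasons.append("least privilege: role may not edit bank details")
        approver = row["approved_by"].strip()
        if not approver or approver == row["changed_by"]:
            reasons.append("segregation of duties: no independent approver")
        if len(suppliers_by_account[row["new_account"]]) > 1:
            reasons.append("monitoring: account shared by several suppliers")
        if reasons:
            findings[number] = reasons
    return findings

if __name__ == "__main__":
    for number, reasons in review_changes(SAMPLE_LOG).items():
        print(f"row {number}: " + "; ".join(reasons))
```

Rows that pass all three checks are omitted from the result, so an empty dictionary means no change in the log broke a control.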

Lastly, a technical layer of security like Eftsure’s solution can standardise and automate some of these controls, making it harder for malicious actors to circumvent your defences – even if they’re intimately familiar with how your systems work.
