Insider threats may not get as much attention as the outsider threats. Outsider threats are overwhelmingly malicious in intent. Organizations must protect their data with a strong barrier, because the “bad guys” are on the outside.
However, inside the walls of an organization can be a disgruntled employee wanting to cause harm or an employee incentivized from outside the organization.
Then of course there’s the innocent insider threat. This could be an accidental click or following instructions by way of phishing or Business Email Compromise (BEC). These accidental attacks can also come from outside but are considered internal when coming from members of the supply chain (third-party partners). Perhaps a vendor was compromised through a cyberattack and is now being used as a point of entry into other organizations.
The Malicious Insider Threat
No one wants to believe an internal member of an organization would want to cause harm. However, according to the Verizon 2021 Data Breach Investigations Report, 22 percent of security incidents come from insider threats. While insider threats can come from a few avenues, perhaps none are scarier than the malicious insider threat.
Members of an organization have a quick and ample amount of data at their fingertips. Data is becoming increasingly more valuable with trade secrets, intellectual property, and sensitive data (personal identifiable information and payment card information). Some have even considered data as a new currency. Therefore, it’s no surprise that sending data outside of the organization may prove to be lucrative.
There are a few options for internal members to move data outside the organization. Email remains one of the most popular of the options. At the basic level, an employee decides to email data outside of the organization. It can happen for various reasons, sending it to their personal email accounts to utilize freely – even disguising it in an image through steganography. It can also happen boldly with an email of the data straight to an outside individual.
The Unintentional Insider Threat
A common insider threat is sending an attachment to the wrong internal or external recipient. The odds are there are multiple names in the address list and some of the names could be repeats (multiple Jims or Katies). When someone is sending an email attachment with sensitive information and accidentally selects the wrong “Jim,” it’s a data risk and an insider threat. It can also happen when someone emails an attachment to a recipient, they thought had clearance to the information but did not.
Everyone makes mistakes and when cybercriminals are targeting organizations, they may try to exploit human error. BEC is an effective way to infiltrate because it tricks the organization’s employees. Cybercriminals disguise emails as trusted senders asking to do various tasks including sending money or asking for access to data. Once the internal member clicks a link or follows the directions in the email, the floodgates of data loss are opened.
Comprehensive Email Security
With threats coming from every direction and no signs of slowing down, what can organizations do to protect themselves? Education and training for employees is an important step to making them aware of the dangers that lurk and how important their roles are in protecting the organization. Having strong email security solutions is also important as even the most educated of employees can still make mistakes.
Clearswift as part of Fortra Digital Risk Protection and Email Security offers comprehensive email security that can prevent, protect, train, respond, and remediate. Find out more about how our solutions are best-in-class for email threats and how we can complement existing email solutions like Microsoft 365.