One can build a wall, set up perimeter defences, and spend massive resources maintaining it all. But if your enemy is within, that wall will do you no good.
Recently, the personal email account of a reputed mid-size Mumbai-based firm’s CIO was “compromised.”
A series of erratic and offensive messages were sent from his ID to the senior management team.
The intention, without doubt, was to instil fear and panic into anyone that read them, and more importantly, to demean the reputation of the said executive.
The CIO, unaware of this occurrence, was summoned to the boardroom. Having worked in the company for many years his reputation was at stake. The matter opened up and the emails were shown. After squinting his eyes a few times, he did realize that his personal account was hacked.
“I felt embarrassed, righteously angry and violated. However, I quickly realized that I should not let my emotions rule me at this time,” shared the CIO.
After explaining his position, the first thing he did was to take back control of his account. The password was reset, his laptop and mobile scanned for malware/spyware and so on.
He then headed straight to the local police station, filed the First Information Report (FIR), and the case was taken over by the local cybercrime division.
The revelations from the investigation were startling.
Here was a disgruntled employee (on contract basis), aged 30 years, computer engineer from a reputed institute who harboured a belief against the CIO “of not been treated fairly.”
“The only reason he did this was because I never had a direct conversation with him. My discussions regarding the project and the initiatives that he was working on were limited with his team manager. Since he was deployed on a contract basis, I took the updates/project status from the team leader. He didn’t like my way of functioning, and he felt that I was ignoring his effort and contribution to the project. This act was his way of venting out anger,” the CIO informed.
I was appalled. It takes a lot of hard work by dedicated and efficient people to make a company thrive. And all it takes is one malcontent to bring the reputation of the individual and/or the company down.
In today’s networked world, a disgruntled employee can pose a greater corporate risk than an outside hacker. From the above example it is evident that such threats are hard to detect. And it could be anyone, from a careless partner to an employee gone rogue.
After all, insiders have legitimate access to systems and data, unlike the external bad actors where there are stringent security policies and tools to help defend against.
It is time that businesses put together such list of “insider threat” types and examples. By exploring different methods and motives, CIOs and CISOs (and employees) will be better equipped to spot the threats before any such incident occurs.
Question: Insider threats are a growing problem. How are you dealing with it?
(Image Source: https://www.datalinknetworks.net/)