Cybersecurity: combating “inside attacks”
In 2020, businesses will likely have better cybersecurity measures in place than ever before. This is great news for business owners, meaning that targeting companies through cyber infrastructure vulnerabilities will become costlier to cybercriminals in resources, time and effort.
What this also means, however, is that such attackers will increasingly target businesses by other means. According to cybersecurity giant Kaspersky, 2020 could see an increase in cyber-attacks utilising “social engineering methods” – preying on human weakness to conduct attacks.
It seems likely then, that companies will have to take greater measures to ensure that their workforce is as secure and guarded against threats as their systems.
So, what forms do inside attacks take? And what can businesses do to protect themselves?
The types of inside attack
Extortion
A cyberattack can target an employee in numerous ways. One of the most prominent and sinister methods is blackmail. Entire groups are said to operate through cyber-blackmail and it is forecast that such attacks will become more common.
Cyber-blackmail involves gaining leverage in the form of compromising information about an employee. This could be anything, from evidence of a criminal conviction, to personal information or even explicit material.
Often, a group will use leaked emails and passwords in order to identify potential targets and then extract compromising information to be used as leverage in a cyberattack.
Insider
A thought that may make uncomfortable reading for employers is the possibility that employees may act willingly in a cyberattack against their company.
Employees, motivated by personal gain or a desire to redress a grievance, could use their insider status to compromise systems, steal sensitive data or introduce malware.
It has been reported that cybercriminals sometimes simply post open offers on forums promising rewards for company information.
Trickery
In many inside attacks, the employee who falls victim to the attacker may do so unwittingly. They could simply be asked to disclose certain information that they may not think is sensitive but could be used to target a business, such as phone numbers or information relating to bank accounts.
Often this kind of attack will be successful due to a simple lack of employee education, either relating to how actions can leave a business vulnerable or regarding what information can be compromising.
So, what measures should be taken to combat inside attacks?
Combating insider attacks
Due Diligence
This may sound obvious, but due diligence on employees or potential hires could be the best defence against insider attacks.
This doesn’t mean trying to find out absolutely everything about an employee. Privacy should always be respected, but getting a solid picture of someone’s personality, work history, past conduct and, if necessary, general financial situation, can be invaluable in selecting employees who are trustworthy and unlikely to become a target.
Restrict admin rights
Restricting administrative network access to a small circle of only the most trusted and important users can be crucial for preventing breaches, simply by minimising access to sensitive information.
Many experts endorse the principle of least privilege when it comes to access rights. Simply put, employees receive the minimum amount of security permissions required to perform their work. In this way, the amount of sensitive information that could be surrendered by one employee is limited.
Educate and create a security-focused culture
One of the ways to prevent breaches is to educate employees about safety best practice. Perhaps most importantly, educating staff about secure and unsecure networks.
This includes teaching employees what is or isn’t a secure network (often public, open Wi-Fi networks will not be properly secure) and how to verify a network’s security. Discouraging the use of personal devices for work as far as possible can also be valuable.
It is also worth reminding employees of basic security, such as not accessing unsecured websites on work devices and never sharing passwords, even with colleagues.
Overall, alongside solid security infrastructure and protocol, in-depth, informative and ongoing employee education is among a businesses’ best defences against cyber-attackers.
