One of the biggest threats to your computer systems could be sitting in your next staff meeting. That uncomfortable and unfortunate fact was noted by the Department of Homeland Security (DHS) in a public service announcement released September 23.
The agency reported that security breaches by disgruntled employees are on the rise, and pose a significant threat to U.S. businesses. The FBI has investigated a growing number of cases in which current or former employees exploited their ability to access business networks and servers in order to destroy data, steal proprietary software, make unauthorized purchases, and obtain customer information and other resources for use in a new job. There were also multiple incidents in which disgruntled employees disabled access to key systems or conducted distributed denial of service attacks as part of an extortion scheme against their employers.
The DHS and the U.S. Computer Emergency Readiness Team (US-CERT) define an insider threat as “a current or former employee, contractor or other business partner who has or had authorized access to an organization’s network, system or data and intentionally misused that access to negatively affect the confidentiality, integrity or availability of the organization’s information or information systems.” According to FBI data, insider threat incidents cost victim businesses anywhere from $5,000 to $3 million to resolve.