Verizon warns enterprises about internal security threats


Cybersecurity threats from an enterprise’s own employees and partners can be as devastating as threats from external actors. And according to data gathered by Verizon’s cybersecurity team as part of its 2018 Data Breach Investigations Report, 20% of cybersecurity incidents and 15% of data breaches originated from people within a breached organization. The top reasons for these cyberthreats were financial gain (47.8%), pure fun (23.4%), and espionage (14.4%).

Verizon used some of the same data and caseload analysis from its 2018 Verizon Data Breach Investigations Report to create its new Verizon Insider Threat Report. The carrier identified five categories of inside threat actors:

  1. The Careless Worker. Employees or partners who misappropriate resources, break acceptable use policies, mishandle data, install unauthorized applications and use unapproved workarounds; their actions are inappropriate as opposed to malicious.
  2. The Inside Agent. Insiders who are recruited, solicited or bribed by external parties to exfiltrate data.
  3. The Disgruntled Employee. Insiders who seek to harm their organization via destruction of data or disruption of business activity.
  4. The Malicious Insider. Actors with access to corporate assets who use existing privileges to access information for personal gain.
  5. The Feckless Third Party. Business partners who compromise security through negligence, misuse, or malicious access to or use of an asset.

With external attacks, it can take months or more for organizations to detect intrusions. But since insiders have fewer barriers to overcome and controls to circumvent, the time it takes to detect a breach can be much longer.


And it’s not just IT experts and programmers doing the hacking. “Data theft involving programmers, administrators or executives certainly makes for interesting anecdotes, but is still less common in our overall data set than incidents driven by employees with little to no technical aptitude or organizational power,” states the report. “Regular users have access to sensitive and monetizable data and are behind most internal data breaches.”

Most people behind data breaches, whether insiders or not, are motivated by money. According to the report, data breaches associated with espionage usually have a financial motivation as well. A common scenario is the exfiltration of internal data or intellectual property for a new endeavor.


Verizon’s report provides a framework for companies to be more proactive in detecting insider cybercrime. “Verizon sits between the sources and victims of cybercrime on a daily basis,” states the report. “By sharing real scenarios from our caseload we hope that organizations can learn and adopt the countermeasures we recommend to implement their own programs.”

Some of Verizon’s recommendations include conducting threat-hunting activities, performing vulnerability scanning tests, implementing human resource controls, and using technological devices to detect unusual activities. And of course, the company recommends implementing network security software such as firewalls.
