FBI issues warning: Watch out for insider threats

The Federal Bureau of Investigation (FBI) recently sounded an alarm for IT pros. It’s seen an uptick in cyberattacks against businesses – and the threat is increasingly coming from disgruntled and former employees. 

According to the FBI and Department of Homeland security, cases of sabotage and bribery by employees are a serious and costly threat to organizations. In a recent report, the groups warned:

“There has been an increase in computer network exploitation and disruption by disgruntled and/or former employees. The FBI and DHS assess that disgruntled and former employees pose a significant cyber threat to US businesses due to their authorized access to sensitive information and the networks businesses rely on.”

Often, these cases are instances where a fired employee access systems after leaving the company using remote access tools. These programs are usually installed before the employee is fired or quits, meaning that the move is often pre-meditated.

And in other cases, these employees try to bribe their former employers, holding access to systems or information ransom in exchange for payment.

A costly crime

The report also showed how costly these attacks from insiders can be. Costs ranged from $5,000 to $3 million for these incidents, factoring for:

  • the value of the data
  • IT services to respond to the incident
  • legal fees
  • loss of revenue, and
  • other costs.

Even if the attackers weren’t successfully able to exploit money, the process could still have a hefty cost.

Insider threats have been around

This was prompted by an increase in criminal activity, but insider threats are nothing new. In fact, it was recently revealed that a former security employee for Home Depot had been serving time in jail for sabotaging a former employer.

To make sure you don’t fall victim to a malicious insider, be sure to:

  • always remove former employees from your systems and revoke credentials ASAP – even if they leave under friendly circumstances
  • change administrative passwords when IT employees leave
  • don’t use shared credentials for accounts
  • ban and scan for the use of remote access tools, and
  • maintain backups of all data in case your access is restricted by a malicious insider.

 

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy