As 2020 comes to a close, news of a vaccine for Covid-19 brings a sense of optimism for the new year ahead. However, as governments pull the plug on furlough schemes, and a global economic downturn looms, many organizations find themselves planning restructuring and redundancies necessary for business survival leading to a rise in insider threats.
At the start of the pandemic businesses quickly adapted to remote working to manage new legislature that kept employees at home. The sudden onset of remote working brought many challenges for organizations and employees alike, and indeed opportunities for cybercriminals who capitalized on those not well prepared for changes in the way we now work.
Insider Threats
Those responsible for IT security have spent the past several months effectively trying to keep cybercriminals at bay, but with the economic uncertainty we now face, they must also consider the threats that lie within the company walls.
We know from experience that relying on perimeter defense and anti-virus software to prevent cyberattacks is an antiquated approach that is no longer effective in the fight against modern cybercrime. The sheer number of threat vectors virtually ensures that cybercriminals will get in if they want to, and in many cases they already are, waiting for the right time to activate and launch an attack.
We must not forget that many organizations face an even more imminent danger, the insider threat. Leading analyst firm Forrester expects insiders to be responsible for a third of breaches in 2021, up 8% from 2020, mostly due to the increase in remote working. Of course not all threats are of malicious intent. Employees struggling to balance work life and family stress during a pandemic could easily be forgiven for being less focussed and distracted. Unfortunately, those distractions can lead to accidental threats, in many cases simply not taking the time to validate what may appear to be a legitimate email before clicking on a phishing link. A simple mistake that can have disastrous consequences.
While organizations should expect that most employees are behaving appropriately, they should also consider that some may not, and prepare accordingly. At a time when financial stress could lead people to act in a way that is out of character. Employees may be motivated to act unscrupulously for financial gain when times are tough, and in a year when bonuses and pay rises are highly unlikely.
Disgruntled insiders, economic uncertainty, loss of valuable company data and trade secrets can spell disaster. Unfortunately, departing employees pose one of the biggest risks for organizations, especially heightened at a time when employees are working from home and data is decentralized on devices residing outside the company network. Detecting and preventing any unauthorized data from leaving the company, no matter where employees are based is critical to mitigating the risk of insider attacks.
Data Exfiltration
Any attack, be it for monetary, political or competitive advantage relies on the removal of data from the organization. Infiltrating a network or device does not, in itself, equate to a successful attack. An attack is only successful if unauthorized data is stolen or removed from a device or network. Organizations must be able to monitor, detect and prevent unauthorized data exfiltration in order to mitigate the risks associated with data loss.
The difficulty is that data exfiltration can be very difficult to detect, particularly from an insider. As data routinely moves in and out of an organization, exfiltration can closely resemble normal network traffic, meaning that data loss incidents can go unnoticed by IT staff until it’s too late. A preventative approach that can monitor data exfiltration in real-time is essential in detecting unusual behaviour before the unauthorized data transfer can occur.
Related Posts
BlackFog Wins 2024 CyberSecurity Breakthrough Award
BlackFog Wins Coveted ‘AI-based Cybersecurity Innovation of the Year' in the 2024 CyberSecurity Breakthrough Awards Program
Big Game Hunting is on the Rise in Cybercrime
Big game hunting in cybercrime refers to attacks where cybercriminals target large organizations with the goal of demanding hefty ransoms. This article explores the tactics used in these attacks, provides real-world examples, and explains why this form of cybercrime is becoming increasingly common.
RansomHub: The Rise of a New Ransomware Threat
Explore RansomHub, a ransomware group emerging in Feb 2024. Discover their tactics, notable attacks, sophisticated techniques, and links to other cybercriminals.
The State of Ransomware 2024
BlackFog's state of ransomware report measures publicly disclosed and non-disclosed attacks globally.
TAG Blog Series 3 – How ADX is Integrated by BlackFog
Integrating Anti Data Exfiltration (ADX) solutions is essential for enterprise cybersecurity. This article examines how BlackFog's ADX enhances existing technologies by focusing on prevention and the shift-left paradigm. It illustrates ADX's effectiveness against ransomware and its support for modern managed security service providers, demonstrating how ADX integration creates a comprehensive security solution.
Data Exfiltration Extortion Now Averages $5.21 Million According to IBM’s Report
According to IBM's 2024 Data Breach Report, the financial toll of data exfiltration extortion has surged, with the average cost now reaching $5.21 million per incident. This alarming trend highlights the growing sophistication of cybercriminals and the increasing financial risks organizations face when sensitive data is compromised. As data breaches continue to escalate, businesses must prioritize robust cybersecurity measures to mitigate these costly threats.