Welcome to #WeekendWisdom number 37. This week we’re going to talk about insider threat.
What is an insider threat?
Basically it is a member of staff, a contractor or a volunteer that is either being scammed into doing some malicious acts that will affect the company or they are, through their own malicious intent, going to do something that causes the company damage.
Can you give me a for example?
A perfect example of the insider threat occurred earlier this week. On Wednesday evening, late Irish time, tweets started emerging from verified accounts on Twitter. These were trying to get people to fall for a bitcoin scam and a lot of famous names were caught up in this. What appears to have happened, the early reportage is, that a Twitter employee was either bribed or they were scammed by some criminals to be able to gain access to a tool that allowed them to post these tweets.
What can I do to protect against it?
Now there isn’t a huge amount that you can do to protect against the insider threat. Except:
- Know that it exists.
- Try to limit the access for staff to such powerful tools, as far as possible.
- To respect them and treat them properly so that they don’t try and carry out these malicious activities against your organisation.
- Recognise any signs that they may be financially imperilled, that they may take bribes to gain money to be able to carry out these acts against the company.
So that’s it for this week. Let’s be careful out there and we’ll talk to you again next week.
How can L2 Cyber Security help you?
We offer a full range of training programmes, which can be delivered online or in-person*.
L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.
Contact us for more information at info@L2CyberSecurity.com.
*With appropriate social distancing and other health and safety measures adhered to.