Insider threat or not? That seems to be the questions surrounding a recent breach that struck Microsoft between January and March. Some reports are saying that it absolutely is, while others say it isn’t. Let’s look at a couple.
Via Verdict: Microsoft hack another case of insider threat. According to the story:
Via Wired: MICROSOFT EMAIL HACK SHOWS THE LURKING DANGER OF CUSTOMER SUPPORT. According to the story:
We suppose there can be some room for subjective judgments on whether or not incidents are the result of an inside threat. In this case though, available information leans towards it being exactly that. You don’t have to take our word for it though, let’s look at some objective definitions.
The Department of Homeland Security defines insider threat as: the threat that an employee or a contractor will use his or her authorized access, wittingly or unwittingly, to do harm to the security of the United States.
TechTarget SearchSecurity says: Insider threat is a generic term for a threat to an organization’s security or data that comes from within. Such threats are usually attributed to employees or former employees, but may also arise from third parties, including contractors, temporary workers or customers.
Wikipedia has a lengthy definition and points out that there are three distinct types: 1) malicious insiders, which are people who take advantage of their access to inflict harm on an organization; 2) negligent insiders, which are people who make errors and disregard policies, which place their organizations at risk; and 3) infiltrators, who are external actors that obtain legitimate access credentials without authorization.
Our opinion, the hack was an insider threat, absolutely.
For more information about how frequently similar types of insider threats take place, read our 2019 Insider Threat Intelligence Report, which also provides comprehensive guidance on how to reduce risk.
TransUnion Gets Serious About Insider ThreatDtex works daily with organizations that are either already committed to reducing insider threat risk and which are starting to recognize how real a problem it is. We’ve noticed that in several instances, organizations have created specific positions dedicated to addressing the problem. It caught our eye that data giant TransUnion has recently decided to expand its security practice by hiring to fill an insider threat position. If you are in the market, check out: TransUnion, Senior Manager, Insider Threat Investigations
Topics
Subscribe today to stay informed and get regular updates from DTEX Systems