Sometimes it’s a matter of one-upsmanship. Mid-level employees want to prove they are as smart as top management. Believe me, top management is reading people’s emails. The mid-level people are looking for a little payback. A system I used to be on could have an email for each phone extension. One bright fellow created an email account using the emergency phone from the elevator. As long as top management relies on lower-level people for IT support, there are no safeguards. Most top executives are smart enough not to discuss sensitive information using email. Still, from the last election we learned that is not always the case. Something as minor as being able to hack into the company plane’s schedule and passenger list can tip off people to a possible acquisition.

Hacks from within are simply another form of theft. As the enterprise develops and uses information assets as a primary activity this is perhaps the most harmful of actions, meriting safeguarding and an increase in diligence.

I would argue that the biggest threats are still external. The majority of hacks look like an internal email — for example, one that asks employees to update their insurance info. The employee then clicks on the email which gives the hacker access to the entire system. It’s very hard to tell as an individual and hard to catch as a company without educating employees on what to look for. This is a big threat not just for retailers but for all companies. Internal hacks do happen but Target, Home Depot and many others prove these are the exception.

I would not doubt that hacks from inside are a common thing. Take advantage of this and test your systems. Get your smartest people and create some hack teams. One tries to hack from the outside and another tries from the inside and one tries to prevent them both from succeeding. Have prizes, provide the right gear and tools and create ways to apply more security after the end of the challenge.

The greatest threat to corporate and government IT system security is and will remain internal. It is important to understand that third party development and support individuals and companies must be considered employees since they communicate from within ownership’s infrastructure. The competition and enemies of ownership will pay for the information they need to get inside information. Disgruntled and/or greedy employees that are many times guilty of overconfidence will play to get paid. The present day systems are built to and do an outstanding job of keeping people out. It would be far more prudent to design and build information systems like a jail for the strict purpose of keeping information in and only in the owner’s system. The use of tightly controlled terminal mode in place of the very leaky thin clients is a good place to begin exploration. There are many limitations to communication that are exploitable within this design method and range as well. Companies and government agencies that are heavily invested in cloud computing will react stubbornly to these and other… Read more »

The largest loopholes that enable data breaches do indeed come from within. Willingly or unwillingly, employees create weaknesses. These come in two forms:

1. Subversive. As described in the Columbia example above, today’s go-getter can become tomorrow’s ruthless ex-employee furthering a career at a competitor. Unmonitored logins create unlocked doors. Even if email and account access is terminated immediately with the employee, a cunning job seeker may have snatched portable trade secrets before tendering his/her resignation.

2. Suckers. Employees have always ignored security protocols. More protocols beget more lapses that fraudsters exploit. Further, the fortress headquarters can’t be locked down as it once was. The twin movements of BYOD (bring-your-own-device) and telecommuting have made for a target-rich environment for cybercriminals with BEC (business email compromise) being a chief threat.

What’s true in espionage is unfortunately also true in apparel. Expect more tools to make their way into private sector attacks — the spoils are too large to ignore.