Device security: internal threats and how to solve them

“There is no patch for careless, greedy or stupid.”

This quote was recently said by Chuck Norris. No! Just kidding! It was the former FBI computer intrusion head Don Codling to Computer Weekly. He was talking about how companies of every size deals with computer security and internal threats and how -despite all the efforts that IT asset management do to avoid attacks, data breaches, and failures- businesses should always be prepared for the human factor.

chuck_norris.gif

Maybe Chuck Norris would solve this quicly and painlessly (well, maybe with some pain), but he’s not available at the moment, so lets take a closer look at the current internal threats that don’t let IT warriors sleep at night, and how to solve them using device management softwares.

Why is this so important? Because, according to Computer Weekly, “the most common tactic by attackers is to seek out privileged users to compromise their accounts and use their credentials to move freely in the network.”

Even worse, “if attackers are after money, we have seen them identify and compromise key employee credentials to make unauthorised payments to accounts they control in ten minutes,” explains Mr. Codling.

In addition, the Symantec’s 2016 Internet Security Threats Report shows that:

  • 429 million identities were exposed to web threats in 2015, 23% more than 2014.
  • 1.3 million identities were exposed per breach during 2015, 21% more than 2014.
  • 1.1 million web attacks were blocked each day in 2015, 117% more than 2014.

Ok. let’s take a look…

Phishing: your employees are not aware of threats

Careful with your employees, they might unleash really nasty phishing attacks into your database by opening some silly email at work. According to Paul Stamp, a Forrester Research senior analyst quoted by ITsecurity.com, “unwitting employees disclosing confidential information, from passwords to financial data, to ill-intentioned intruders. Unable to identify fraudulent websites and counterfeit email messages, these internal workers are essentially opening a company’s closed doors to criminals.”

How to solve it? Software solutions offer toolbars that warn you about a website’s real domain name, so you decide if you can trust that source or not. Train your employees in basic IT security behavior. “Companies should forget about training IT personnel and staging corporate awareness campaigns,” says Alan Paller, Director of Research at The SANS Institute, to ITSecurity.com. Instead, he suggests running “benign spear phishing exercises against your own employees …There’s no other way to solve it.”

Stolen laptop

It seems that nowadays stealing a laptop or a smartphone is more exciting that stealing a car. Device theft becomes even more devastating for a company when thiefes and unauthorized people access your strategic data through employee’s devices.

How to solve it? Besides remote data blocking solutions, what works really well is geofencing technology. With this solution, you can set a virtual perimeter in which corporate devices can be used and moved (for example, your company headquarters, warehouses, and front-end stores.) If someone tries to steal a device, an alarm gets activated as soon as the device trespasses the virtual perimeter. Remote data blocking protocols will also be activated, and the geofencing solution will also provide info about where and when the incident is taking place. Cool, right?

Ex-Employees

“Research has revealed that it can take up to 4 months to remove user rights of a former employee. Within that time-span, there’s no telling what havoc a disgruntled employee can wreak on a company’s critical business systems,” ITSecurity.com explains. 4 long months! Where anything can happen. So, either we find a way to accelerate this process or we adopt software solutions to strengthen restrictions to key data from any former employee.

How to solve it? According to IT Security.com, there are solutions that automate policy enforcement and delegate administration for user provisioning which helps maintain security levels while managing large numbers of users.

{{cta(‘bf4b33a0-1146-4625-b79a-062a031caaf4’)}}

Hackers coerce employees

Remember Mr. Codling? Well, at Computer Weekly he explains that “in one case, the attackers had arranged for a series of transfers to bank accounts around the world in seconds of the money arriving in attempt to make the funds untraceable (…) Another tactic is to coerce employees of target organisations into providing credentials by threatening them or their family members.”

How to solve it? Dude, this could be huge, and there isn’t a magic solution for this. But what we actually can recommend is that IT teams should be absolutely updated about the latest ways that hackers have to try to fool you and your systems. Try to maintain permanent contact with authorities, specialized media, academics, and consultants to know what hackers are cooking. 

What other internal threats are currently bothering you and your team?   

Nicolas Poggi

Nicolas Poggi

Nicolas Poggi is the head of mobile research at Prey, Inc., provider of the open source Prey Anti-Theft software protecting eight million mobile devices. Nic’s work explores technology innovations within the mobile marketplace, and their impact upon security. Nic also serves as Prey’s communications manager, overseeing the company’s brand and content creation. Nic is a technology and contemporary culture journalist and author, and before joining Prey held positions as head of indie coverage at TheGameFanatics, and as FM radio host and interviewer at IndieAir.