Obviously most aren’t. But enough are, or could be, that employers need to be looking over both shoulders – one facing outside and the other in, LeClair indicates.
“In many cases, when we talk insider threat, the person may no longer be with the company – so if you add that piece to the definition you can see why it becomes pretty big; much bigger than people probably think about,” LeClair notes. “People who leave may be angry or frustrated, or are laid off. You can understand why the company wants to get them out quickly because they can have that need for revenge in some cases.”
Or they may still be with the company but are disengaged.
“They feel unappreciated or unfulfilled. They are hard workers but they don’t feel that the organization is appreciating them or recognizing them, or perhaps not paying them what they feel they’re worth. That’s another level of dissatisfaction that is very frequently thought about. I would say that’s probably one of the bigger reasons.”
Then there is a relatively new insider threat which may prove to be among the most dangerous – the politically motivated perpetrator.
“I’ve always looked at from the human perspective,” explains Candy Alexander, an IT security consultant and former chief information security officer. “It’s important to note if you are a security person or an IT person to pay attention to what is going on in our society with current events. It will be reflected into the electronic world. In our society and culture today there is a lot of intolerance for lots of things. We’re seeing that through sorts of events.”
A different moral compass
Could social conscious be a motivating factor in the Ashley Madison case? It’s still too early to tell, but some IT security experts tell CIO that it is certainly possible.
Since word of the Ashley Madison breach broke in July, many IT security experts and forensics professionals began debating the source of the attack, which revealed the email addresses of millions of account holders and site visitors. Many immediately suspected an insider threat, since the culprit(s) seemed to know too much about the firm’s technology.
“A hacker is someone who uses a combination of high-tech cyber tools and social engineering to gain illicit access to someone else’s data. But this job was done by someone who already had the keys to the Kingdom. It was an inside job,” McAfee stresses.
To support his charge, McAfee cites the following information that was shared by the hacker:
- An office layout to the entire Ashley Madison offices.
- Up-to-date organizational charts for every division in the company.
- A stock option agreement list, including signed contracts.
- IP addresses and the status of every server owned by the company, which amounts to hundreds worldwide.
- Raw source code for every program that has been written for Ashley Madison.
Sign up for CIO Asia eNewsletters.