Insiders in All Shapes, Forms There are “all sorts of insiders,” Baker said, noting that the incidents could have been by malicious insiders, former employees, insiders coerced by outsiders, or even honest mistakes. Employees may need the money, making them willing accomplices when approached by outsiders, or angry enough to lash out at the company, Baker said.
Mistakes cover a whole range, such as forgetting to change or disable the default password, neglecting to encrypt sensitive data, and accidentally posting sensitive data to a public server. There were many instances of former employees going back into systems and causing damage because their accounts had not been revoked after they left the company, Baker said.
In fact, “misuse” was the top-most used threat action in IP theft. Verizon classifies attack methods in seven categories, and the overall DBIR found that most data breaches were the result of malware or hacking. In cases of IP theft, it was more likely that the thieves were users who already had access to the data or systems.
Privileged accounts are often not managed properly, and in many cases have weak passwords or are shared between multiple users, Adam Bosnian, an executive vice-president at Cyber-Ark, told SecurityWatch. “Businesses across industries need to wake up and understand that these privileged accounts are the number one target,” Bosnian said, adding that controlling these access points “needs to be a priority.”
In fact, Cyber-Ark found that 43 percent of businesses in its 6th annual global IT security survey, released in June, did not monitor how privileged accounts were being used despite being aware that attackers are increasingly taking advantage of these accounts, Bosnian said.
To understand trends surrounding intellectual property theft, Verizon analyzed 85 incidents from the 2012 DBIR and 2011 DBIR, Baker said. The sheer number of data breaches involving IP theft means anything related to insider attacks “gets drowned out” in the DBIR, making this kind of a spotlight valuable, Baker said.