The top five internal security threats

• Tags:
• Policies,
• Risks,
• Workers,
• Block

Sally Whittle ZDNet.co.uk

Published: 10 Mar 2008 15:48 GMT

• 
• 
• 
• 
• 

Research conducted by the US Computer Emergency Response Team (Cert) estimates that almost 40 percent of IT security breaches are perpetrated by people inside the company.

Criminal attacks are particularly likely to happen from the inside: one recent study estimated that 90 percent of criminal computer crimes were committed by employees of the company attacked.

Smaller businesses are uniquely vulnerable to IT security breaches because they may lack the more sophisticated intrusion detection and monitoring systems used by large enterprises, according to Mark Murtagh, a technical director with Websense. "We definitely are seeing an increasing threat to SMEs, coupled with a lack of understanding of the threats posed," he says.

ZDNet.co.uk asked the experts: what are the top 10 security threats posed by workers in small and medium-sized enterprises?

1. Malicious cyberattacks
Research conducted by Cert has found the most likely perpetrators of cyberattacks are system administrators or other IT staff with privileged system access.

Technically proficient employees can use their system access to open back doors into computer systems, or leave programs on the network to steal information or wreak havoc. In 2006, IT programmer Roger Duronio was found guilty of planting a type of malware known as Unix logic bombs in the network of investment bank UBS. The company claimed the resulting damage cost more than $3m (£1.5m).

Prosecutors argued that Duronio had launched the attack when he received a bonus he felt was unreasonably low. He complained and eventually resigned from his job, but not without leaving behind a memorable parting gift.

The best protection against this sort of attack is to monitor employees closely and be alert for disgruntled employees who might abuse their positions. In addition, experts advise immediately cancelling network access and passwords when employees leave the company, to avoid them using passwords to remotely access the network in future.

2. Social engineering
Perhaps one of the most common ways for attackers to gain access to a network is by exploiting the trusting nature of your employees. After all, why go to the trouble of creating a program to steal passwords from the network, if people will simply give out this information on the telephone?

"You can have the best technical systems in place, but they're not effective if people aren't educated about the risks," says Mike Maddison, head of security and privacy services at Deloitte UK. A recent survey conducted by Deloitte found three-quarters of companies have not trained staff in the risks of information leakage and social engineering.

"It's vital that people understand, for example, that they shouldn't provide their password over the telephone, or that they recognise a phishing email," says Toralv Dirro, a security strategist with McAfee. "These sorts of messages are becoming increasingly sophisticated, and we're now seeing very personalised, targeted phishing emails that may even refer to projects that people work on, or members of their team."

3. Downloading malicious internet content
Some reports suggest the average employee in a small business spends up to an hour a day surfing the web for personal use — perhaps looking at video or file-sharing websites, playing games or using social media websites such as Facebook.

It's not just time that this activity could cost you. Analyst reports show that the number of malware and virus threats is increasing by more than 50 percent each year, and many of these destructive payloads can be inadvertently introduced to the network by employees.

"It's very easy for a rootkit to be hidden in a game or a video clip, and a novice user may not notice anything out of the ordinary," warns Graham Titterington, a principal analyst with Ovum.

The best advice is to constantly update and patch your IT systems to ensure you are protected...

• 
• 
• 
• 

• Share this article:
• Digg
• Slashdot
• Del.ici.ous
• Stumble
• Reddit