ITMG Insider Threat News September 17, 2022

The Difference Between Insider Risk and Insider Threats

The difference between an insider risk and an insider threat is relatively straightforward: insider risks are anyone who has access to sensitive data. Insider risks do not necessarily have malicious intent—it can be a conscientious employee who makes a simple mistake exposing sensitive data. Maybe they send an email to the wrong person, leave a laptop at the coffee shop by mistake, or share a screen shot that includes data or information they don’t even realize is there.

Or, more likely they’re sending something from to their private email or storage for legitimate work purposes or clicking on suspicious links. The number of ways for well-meaning employees to introduce risk without even realizing it is long, and it’s getting longer by the day as threat actors continue to target employees with new tactics and techniques. But for most employees, risk does not mean that they are a threat.

The Security Flaws That Make Twitter’s Insider Threat so Scary

Peiter “Mudge” Zatko’s whistleblower disclosure contained a lot of alarming claims about Twitter — from confusing bot measurements to executive misconduct — but one of the most alarming claims was that the company was actively infiltrated by agents of the Indian government. For a platform that has always presented itself as a haven for journalists and activists, it’s a troubling claim and one that the company has not directly confronted in responses given to US media.

But the allegations are less outlandish than it seems — and part of a much larger issue for international tech platforms.

Zatko’s SEC filing claims that, in the course of his time as Twitter’s head of security, he was informed that the Indian government forced Twitter to employ one of its agents.

Thinking Beyond Spies at Twitter: Insider Threats Are a Growing Danger — And Can Come from Anyone

The now-public whistleblower allegations that Twitter may have active foreign spies on its payroll are sure to raise concerns about insider threats at companies everywhere. But focusing only on potential spies is a mistake. Today anyone, not just those who may have a strong ideological or financial desire to disclose information about their organization, can be an insider threat.

With the growth of big data, supply chain cyber attacks and online extortion, not only can anyone pose an insider threat, but often they do so unknowingly. The threat is particularly dangerous to banks and financial institutions, multinational corporations and critical service providers as state-backed actors from places like Russia and China attempt to use more advanced cyber tools.

The Economic Valuation of Trade Secret Assets

The economic valuation of trade secret assets has perplexed the intellectual property bar for years. This perplexity emanates from the economic and legal aspects of a trade secret that must be validated in litigation.

Today, trade secret valuations are necessary for strategic planning, accounting and commercial transactions. But most companies do not have an internal accounting system designed to identify, classify, protect and value trade secrets. This article addresses the valuation of trade secrets.

Evil Corp and Conti Linked to Cisco Data Breach, eSentire Suggests

A new report by pure-play managed detection and response (MDR) service provider eSentire has connected the data breach affecting Cisco Talos systems in May with an Evil Corp-affiliate group.

More specifically, eSentire’s Threat Response Unit (TRU) discovered that the IT infrastructure used to attack Cisco was also deployed in an attempted compromise of one of its clients in April 2022.

NCSC and Federal Partners Focus on Countering Risk in Digital Spaces during National Insider Threat Awareness Month 2022

This year’s NITAM campaign focuses on the importance of critical thinking to help workforces guard against risk in digital spaces, which can facilitate insider threat activity.  Such risk includes social engineering efforts; online solicitation by foreign or domestic threats; misinformation, disinformation, and mal-information; as well as malicious cyber tactics like phishing, smishing, and vishing.

With virtual work environments becoming more prevalent, malicious actors have more opportunities to target those in our workforces through exploitation of the digital information landscape. Government and industry employees are often susceptible to malicious digital approaches, posing enhanced risk to themselves and their organizations.  The ability to spot and respond to manipulative information begins with critical thinking skills, which are essential to reducing vulnerability to these risks.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading