Insiders No Longer The Biggest Threat To Computer Networks

from the but-why? dept

For years, we've been told that the biggest threat to various companies' computer networks doesn't come from outside hackers, but from internal (often disgruntled) employees. However, a new study disputes that, saying that less than one in five security breaches were due to insiders. Business partners are nearly twice as likely to be the cause of an attack, and then outside hack attacks are the largest threat. Of course, what isn't explained is whether or not the earlier data was just wrong -- or if something has changed over the last few years (more outside hacking, better controls on employees, etc.). That would probably be a lot more interesting and useful than just knowing the percentages.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: computer threats, hacking, insiders


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    colony, 18 Jun 2008 @ 1:44am

    i think.....

    network admin's all got a pay rise this year

    link to this | view in chronology ]

  • identicon
    Office Sheep, 18 Jun 2008 @ 3:56am

    I think.....

    every network admin is just...Happy. Finally, the last thing I never want to come across with is a network admin who hasn't had his/her Starbucks and is left behind in the corporate pay raise.

    link to this | view in chronology ]

  • identicon
    SomeGuy, 18 Jun 2008 @ 4:44am

    I didn't read the article, but "biggest threat" isn't just a question of numbers, but also of impact. Insiders, who are expressly given access to the network and certain sets of data, have the potential to do a lot more damage than most outside attackers. I'd be skeptical of any study that makes the claim that because most attacks come from the outside that means it's the biggest threat.

    link to this | view in chronology ]

    • identicon
      DanO, 18 Jun 2008 @ 10:44am

      Re: SomeGuy

      You should have read the article.

      The article agrees with you.

      Using a metric of records accessed, it says the median for outside attacks was 30,000 records as opposed to 375,000 for internal attacks.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jun 2008 @ 5:05am

    I disagree with this study. Wanna know how much time and resources we spend cleaning up from an outside attack? None, thats how much. Never found one that got past security. Doesn't mean we don't spend time implementing and monitoring security though, better safe than sorry. Now, wanna know how much time we spend cleaning up employee stupidity that adversely effects the network? A crapload, thats what. From the idiot that opens up an attachment in outlook that infects his computer with a spammy virus, the person who always hits "accept" in IE when we tell them to accept nothing, the moron who sets up an FTP server on his work computer to send files to his own computer(when there is already a secure way of doing it), and god knows what else. We spend more time and energy cleaning up on "internal" issues, than anything else. Sure, those first two could be considered an "outside attack", but if the person at the keyboard didn't have a problem with malfunctioning neurons.. there would never be a problem in the first place.

    link to this | view in chronology ]

    • identicon
      SomeGuy, 18 Jun 2008 @ 5:32am

      Re:

      Those are all "outside" threats, because none of them originate from the inside -- unless the 'threat' you see from the FTP is that he's leaking data onto the web, but I doubt that. An inside attack is when an authorized user attacks your network. That's not the case in any of your scenarios, you're just complaining that users are still not internet-savvy.

      link to this | view in chronology ]

  • identicon
    Mitch, 18 Jun 2008 @ 5:27am

    Sounds like your security is not up to par Anonymous Coward. Would someone setting up an FTP server not set off any red flags on your network? Are your attachements not screened by anti-virus or an external spam filter? You can't just tell people not to do something, as an admin its your job (and mine) to lock it down. Sounds like the biggest threat to your network is the laziness of its administrators. Malfunctioning neurons? After you develop some network admin skills you should work on your people skill as well.

    link to this | view in chronology ]

  • identicon
    pegr, 18 Jun 2008 @ 5:31am

    Not quite right (perhaps)

    Often, internal breaches are not reported.

    link to this | view in chronology ]

  • identicon
    Overcast, 18 Jun 2008 @ 6:36am

    True - it depends on how you define 'attack' - do you mean an intentional malicious attempt to gain access to a system or data that the person would not otherwise have or an 'attack' of 'ignorance'? :)

    link to this | view in chronology ]

  • identicon
    Jake, 18 Jun 2008 @ 7:16am

    Interestingly, social engineering attacks seem to be down as well; either security procedures are getting more effective or crackers are trying to be too clever for their own good these days.

    link to this | view in chronology ]

  • icon
    Jason (profile), 18 Jun 2008 @ 1:06pm

    Not the point!!

    The whole "biggest threat inside" concept has nothing to do with a comparison of the hostile activity of outsider vs insider. The point is the vulnerability.

    Nothing here touches on how many of those outside attacks were made possible by the un-measurable actions of insiders whether deliberately or not.

    link to this | view in chronology ]

  • identicon
    Jazza, 9 Dec 2009 @ 4:12am

    Hu Cares?

    Lol

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.