Black HatSecurity+Virus

Malicious Insider Threats

Malicious Insider Threats: One of the most dangerous threats to any network is an insider who is intent on doing harm. By being an insider, they have already gotten past your first defense and they might be motivated by a desire to make someone pay for passing them over for promotions, bored and looking for something to do, or driven by any of a plethora of other motivations.

It may surprise you, but people can be bribed to give away information, and one of the toughest challenges is someone on the inside who is displeased with the company and not afraid to profit from it.

This is known as malicious insider threat, and it can be far more difficult to contend with than any outside threat since they already have access—both physical and login—to your systems.

 

If someone gives out the keys, you won’t necessarily know it has occurred. Those keys can be literal (as in the keys to the back door) or figurative (the keys to decrypt messages).

 

Just as you must guard your systems from outside attackers, you also must protect them form malicious insiders.

One approach to this is through white box testing. Using ethical hacking techniques, you begin testing your systems from the premise of knowing something about the network and system in place—just as malicious insider would.

You try to find a weakness armed with information about the source code, the routing, and so on (this is also occasionally referred to as full disclosure testing).

 

Related Articles

Leave a Reply

Back to top button