We often talk about Ransomware, Denial of Services or Cross Scripting attacks, all of which are attacks launched from outside the corporate network but…

What about those attacks that originate within the organization, more commonly known as insider attacks? What motivations are behind them? How do they affect companies?

The profile of the attacker can vary greatly: infiltrated spies, disgruntled employees, a former worker with a desire for revenge or a terrorist seeking to collapse a critical infrastructure are just some possible examples.

In general, the author of these attacks is a worker or former employee of the company with privileged access and great knowledge of the corporate network.

One of the biggest mistakes made by companies, in terms of security, is not to take into account the existence of insider attacks when designing their security measures and systems.

According to some data extracted from the report “2016 Cost of Data Breach Study: Global Analysis” by the Ponemon Institute, data breaches are caused by:


of data breaches are caused by insiders attacks


of data breaches are caused by failures or errors in the IT or business processes


of data breaches are caused by negligence of employees or contractors

On the other hand, the average per capita cost of data breaches remediation is (in USD):


In the case of insider attacks


Failures or errors in the processes


Failures due to the human factor

One of the most famous insider attacks took place in Australia, when an employee of a water treatment plant accessed the pump system and poured sewage. Another example ocurred when Snowden stole classify information from the NSA. There is one last case we would like to highlight, it happened in Israel, when an employee of the governemnt sold in the black market information from 9 million citizens.

Would the same happen with AGU?

Follow us on Twitter and LinkedIn to stay up on the latest updates and remember that you can also subscribe to our blog!.