We often talk about Ransomware, Denial of Services or Cross Scripting attacks, all of which are attacks launched from outside the corporate network but…

What about those attacks that originate within the organization, more commonly known as insider attacks? What motivations are behind them? How do they affect companies?

The profile of the attacker can vary greatly: infiltrated spies, disgruntled employees, a former worker with a desire for revenge or a terrorist seeking to collapse a critical infrastructure are just some possible examples.

In general, the author of these attacks is a worker or former employee of the company with privileged access and great knowledge of the corporate network.

One of the biggest mistakes made by companies, in terms of security, is not to take into account the existence of insider attacks when designing their security measures and systems.

According to some data extracted from the report “2016 Cost of Data Breach Study: Global Analysis” by the Ponemon Institute, data breaches are caused by:

  • 48%

    Hackers or insiders

  • 27%

    Errors in the IT or business processes

  • 25%

    Negligence of employees or contractors

On the other hand, the average per capita cost of data breaches remediation is (in USD):

  • 170

    Insider attacks
  • 138

    Failures in the processes
  • 133

    Human mistakes

One of the most famous insider attacks took place in Australia, when an employee of a water treatment plant accessed the pump system and poured sewage. Another example ocurred when Snowden stole classify information from the NSA. There is one last case we would like to highlight, it happened in Israel, when an employee of the governemnt sold in the black market information from 9 million citizens.

Would the same happen with AGU?

Follow us on Twitter y LinkedIn to keep up-to-date with the latest news.