By Sanjay Aurora, Managing Director, Asia Pacific, Darktrace
Dec. 22, 2016
But insider threats are not just staff with chips on their shoulders. Non-malicious insiders are just as much of a vulnerability as deliberate saboteurs. How many times have links been clicked before checking email addresses? Or security policy contravened to get a job done quicker, such as uploading confidential documents to less secure public file hosting services? We can no longer reasonably expect 100 percent of employees and network users to be impervious to cyber-threats that are getting more advanced - they won't make the right decision every time.
Organisations need to combat this insider threat by gaining visibility into their internal systems, rather than trying to reinforce their network perimeter. We don't expect our skin to protect us from viruses - so we shouldn't expect a firewall to stop advanced cyber-threats which, in many cases, originate from the inside in the first place.
Just in the past year, immune system defence techniques have caught a plethora of insider threats, including an employee deliberately exfiltrating a customer database a week before handing in his notice; a game developer sending source code to his home email address so that he could work remotely over the weekend; a system administrator uploading network information to their home broadband router - the list goes on.
Due to the increasing sophistication of external hackers, we are going to have a harder time distinguishing between insiders and external attackers who have hijacked legitimate user credentials.
3. The Internet of Things Will Become the Internet of Vulnerabilities
According to IDC, 8.6 billion connected things will be in use across APAC in 2020, with more than half of major new business processes incorporating some element of IoT. These smart devices are woefully insecure in many cases - offering a golden opportunity for hackers.
2016 has seen some of the most innovative corporate hacks involving connected things. In the breach of DNS service Dyn in October, malware spread rapidly across an unprecedented number of devices including webcams and digital video recorders. In Singapore and Germany, we saw smaller but similar incidents with StarHub and Deutsche Telekom. Many of this year's IoT hacks have gone unreported - they include printers, air conditioners and even a coffee machine.
These attacks used IoT devices as stepping stones from which to jump to more interesting areas of the network. However, sometimes the target is the device itself. One of the most shocking threats that we saw was when the fingerprint scanner that controlled the entrance to a major manufacturing plant was compromised - attackers were caught in the process of replacing biometric data with their own fingerprints to gain physical access.
In another attack, the videoconferencing unit at a sports company was hacked, and audio files were being transferred back to an unknown server on another continent. Want to be a fly on the wall in a FTSE100 company's boardroom? Try hacking the video camera.