100 percent of organizations have active insider threats
A new study from user behavior intelligence specialist Dtex Systems has uncovered active insider threats in all of the organizations it assessed.
Failure to gain visibility is allowing malicious and negligent employees to engage in undetected high-risk activities on every endpoint, on and off the network.
Malicious employees are users that intentionally harm their organizations through theft, sabotage, and blatant disregard for security. Negligent employees are those that hurt their organization due to a lack of defenses, lack of awareness, carelessness and error.
"Organizations come to us because they know their employees are engaged in risky behaviors. They usually have no clue of how wide spread these activities are until after we eliminate the insider threat blind spot for them," says Rajan Koo, vice president of customer engineering and lead threat researcher at Dtex. "After we provide them with intelligence that shows them where risk exists, they are able to take steps to mitigate situations before they worsen."
Among the findings are that 78 percent of assessments found instances of company data that was accessible via the public web, caused by negligent employees’ improper use of Google Drive, Dropbox, Box and other cloud apps; up 14 percent over last year.
60 percent of assessments identified instances of malicious employees using anonymous and VPN browsing to bypass security controls or to research how to bypass controls. In addition 90 percent discovered that negligent employees were transferring company data to unencrypted and unauthorized USB devices.
Negligent employees were expanding the phishing attack surface by accessing personal web mail accounts on company machines in 91 percent of assessments; a behavior that was up four percent over last year.
The assessments also exposed a 'revenge' attack, where a malicious employee filled out online forms with a senior staff member’s contact details, causing the target’s inbox and phone to be overrun with nuisance emails and calls.
To conduct the threat assessments, Dtex analyzed anonymized data about user behavior taking place on public and private sector organizations' endpoints. The data was compared to more than 5,000 known bad behavior patterns and then turned into intelligence that revealed where insider threat patterns were active.
You can read more in the full report which is available from the Dtex website.