Insider threats linked to nation states increase 70 percent
Insider threats are usually thought of as being down to disgruntled or careless employees, but a new report from risk management specialist DTEX finds insiders have never been more vulnerable to interference from nation state actors.
The report, by the DTEX Insider Intelligence and Investigations (i3) team and based on more than 1,300 investigations within DTEX's global customer base, finds that investigations into insider threats from nation-states and foreign interference have increased 70 percent since 2022, mainly within critical infrastructure and the public sector.
Nearly a third of malicious insider investigations included anomalous reconnaissance behavior, including unusual and repeated research into people and authors of 'crown jewel' topics; performing external and internal research on corporate security controls; or actively exercising internal security controls (for example, sending innocuous data via an unapproved medium).
More than 75 percent of sophisticated malicious insiders attempted to conceal their activity to evade detection, including attempts to conceal the source of their internet connection. DTEX has also seen an increase of nearly 25 percent in the use of burner email and encrypted messaging accounts since 2022.
"One of the most interesting and unexpected findings from our investigations was that only 12 percent of super malicious insiders, such as those colluding with nation states, are actively bypassing security controls. This underscores the reality of super malicious insiders flexing their tech know-how to avoid getting caught in what is fast becoming a psychological arms race," says DTEX Systems CTO and head of i3 investigations and engineering, Rajan Koo.
Among other findings, more than 90 percent of organizations are concerned by the use of AI within their organizations. The report also finds that 15 percent of departing employees take sensitive IP, while more than 75 percent of employees take non-proprietary data. 41 percent of IP thefts are in the tech sector, with 20 percent in pharma and 14 percent in critical infrastructure.
The report also warns about the growing threat of espionage through legitimized channels, with reference to China's Thousand Talents Program.
"Foreign interference and IP theft have reached all-time highs," Koo adds. "We've already seen this time over in the headlines, and our investigative findings confirm this reality. While we have seen great progress with insider risk program maturity across the board, the fact remains that no single person, entity, or program can combat the threat of espionage alone. Now more than ever, the public and private sectors must band together to accelerate knowledge transfer and skills development. It is our mission to enable and accelerate best-practice information sharing among trusted allies in the spirit of uplifting insider risk management and, in turn, national security."
You can get the full report from the DTEX site and you can register for a video presentation of the findings to be held on April 17th.