Most Cyber Attacks are Inside Jobs

According to IBM Security research, 75% of insider cyber attacks involved malicious intent and 25% involved inadvertent actors. It was also found that the top three industries most under attack are healthcare, manufacturing and financial services, due to the large quantity of personal data, intellectual property and physical inventory available, as well as massive financial assets, respectively. (1)

The dark web market for PHI/ePHI records sets, stolen credit card and personally identifiable information (PII) is massive, ePHI record sets are selling for over $150.00 with some estimates claiming the total value of compromised records to be nearly $120 billion annually. While the value of different types of data varies, the fact remains that cyber criminals are reaping a financial bonanza when capturing sensitive information. (2)

One way that cyber criminals are now collecting sensitive data is by recruiting employees and turning them into malicious insider threats. A 2016 McAfee report specifically cited the healthcare industry as being plagued by such types of insider threat.(3)

Experts estimate that 99% of computers are vulnerable to cyber-attacks.(4) “Companies must take proper precautions when it comes to detecting and preventing potential inside threats,” said Timothy Crosby, senior security consultant at Spohn Security Solutions. “Cybersecurity must include proper training so that mistakes are not made that leave a company’s information vulnerable to a hack. Extensive background checks, effective in house training, and constant vigilance are all needed to protect a company’s assets.”

According to the Federal Insider Threat Report, approximately 50% of federal agencies were targeted by inside threats in 2015. Forty percent of such threats were unintentional, with the remainder being malicious—resulting in unauthorized access to sensitive documents. Most importantly, however, is that one in three of these inside attacks were successful. (5)

Breaches are sometimes made accidentally. According to a worldwide survey of Information Security Forum (ISF) members, the clear majority of network breaches were caused innocently through accidental or inadvertent behavior by insiders without any intention of harming their employers. In many cases, that vulnerability was, ironically, the result of…

Read the full article from the Source…

Leave a Reply

Your email address will not be published. Required fields are marked *