Game of Threats
After 8 seasons, Game of Thrones is officially over. Whether you were a fan of the hit TV show or not, there were a few lessons to be learnt from the final season for business owners. As they say, it is ‘art replicating life’.
One episode caught every single viewer by surprise: episode 5 of the final season. Once the initial shock had gone, the ending of the episode taught several lessons relating to cyber security.
Spoiler alert for those of you who haven’t watched GoT yet, but intend to at some point or another. To bring you up to speed, the heroine of the show from the beginning is a character called Daenerys Targaryen. She’s the one that is most honest, forthright, selfless and good. She fights against the powers that be, and against injustice and tyranny, sometimes single-handedly.
They call her the mother of dragons because the show’s three dragons belong exclusively to her and are controlled by her alone. She uses them for good, which makes her feared amongst her adversaries, as she has firepower like no other.
You can see where this is going… Daenerys, completely out of character, went on a rampage and burnt down an entire city full of innocent people, using her favourite dragon.
How this relates to cyber security is quite simple. The biggest threat to your business may not be somebody outside the organisation, but somebody you work with.
Internal or insider threats can be split into two distinct categories: malicious or unintentional.
Malicious Internal Threats
- Individuals seeking financial rewards: A high percentage of malicious insider threats come from employees seeking to profit financially. However, it is a long-term strategy. They don’t just want to take the money and run – they use their position within the company to exploit vulnerabilities in systems in order to bankroll a second income. They try to avoid being flagged in order to remain in their job and continue with their fraud.
- Disgruntled employees: These individuals may be angry at your company for any number of reasons. Their reasons could be serious in nature or downright petty, from constantly being overlooked for promotions to not liking the colour of their new uniform. These individuals, like those above, abuse their trusted positions within a company, much like Daenerys and her dragon, and go completely power mad – just because they can. The reason for this, more often than not, is to wreak pure havoc within an organisation. A recent example of this is the high-profile Morrisons data leak of 2014, which was caused by an unhappy employee.
- Former employees: In companies where access rights are not carefully managed, former employees may pose a threat if login details are not taken away once they leave. They could be logging on to utilise company resources or searching for confidential information. They could potentially post defamatory or profane messages on social media from company accounts. Finally, they could commit industrial espionage to further their position at their new company – especially a competitor company. All of these scenarios show that past employees represent a considerable risk if their digital access isn’t monitored accordingly.
Unintentional Internal Threats
Your biggest threat actually lies with individual employees: those who didn’t intend the company any harm, but ultimately put the company in danger by taking actions that led to security threats. Within this category, there are several issues to look for:
- Lack of training: First and foremost is a lack of cyber training. Companies are now starting to take cyber security more seriously, and a percentage have increased their cyber security training and support. However, a large number of employers still don’t offer training and if they do, employees may not attend or take the content seriously.
- Poor judgement: It is possible that despite all your training and investments, employees will exhibit poor digital decision-making. They could forward an email with sensitive company information to the wrong recipient, store company data on an unsecured personal device and lose said device, or even click on a ransomware email.
- Overly helpful: An employee may give out sensitive details or information, thinking that they are being polite or helpful, when in fact a criminal is just fishing for information over the phone to try and hack into your systems.
- Misplaced USB drive: A very old yet effective tactic. A hacker ‘accidentally’ drops a flash drive in the workplace car park with the hope that a curious employee picks it up and plugs it into a company computer, which then launches the malware.
- Fake technical support call: Ever had a ‘random’ call from Microsoft Tech Support? These fake calls try to persuade victims to allow the hacker remote desktop access. Please remember that Microsoft never call end-users.
If you are concerned about any of the above, and feel your company is currently at risk of an internal attack, there are several steps you can take to reduce the risk:
- Mandatory, up-to-date training for staff, with reviews. Ensure anyone that has fallen through the cracks receives training immediately.
- Leverage end-point security solutions, such as Hosted Desktop from Venom IT, that help keep individual physical devices, such as laptops and tablets, safe and secure. If a device is lost or stolen, the information on the device can be wiped remotely to avoid the risk of data exposure.
- Utilise security tools that help keep your network and digital interactions safe. Venom IT uses sophisticated systems to identify suspicious emails, and we use a combination of tools to block insecure websites and capture malware long before it gets a chance to enter the network.
- Carefully manage permissions, including tiered permissions for sensitive information, and immediately remove access for employees who have left the company. A Cloud-based solution from Venom IT, such as Online Backup, gives you full control over what employees have access to. For example, the sales department cannot access the HR department’s drive.
Venom IT provides a full range of cyber security solutions, combining Cloud technology with staff cyber security training, which we have found leads to the best long-term results.
Get in touch with us today in order to help prevent an internal data breach.