The Rise and Rise in Cyber Fraud (The Internal Threat)

Published: 13 February 2017

2017's biggest projected threats and how Osirium's privileged access management solution can help protect your business from them Threat Horizon 2017 THREAT HORIZON 2017: DANGERS ACCELERATE This diagram shows the nine new threats in the Threat Horizon 2017 report along with those which remain applicable from the 2015 and 2016 reports.An organisations leaders can use these threats to build a plan to strengthen their resilience and reduce the chances of suffering reputational, operationalor financial damage. Foresight and preparation are essential now to deal with future challenges. Source: Threat Horizon 2017 report | Copyright© 2015 Information Security Forum Limited | All rights reserved. 1.1 Supercharged connectivity overwhelms defences 1.2 Crime syndicates take a quantum leap 1.3 Tech rejectionists cause chaos 2.1 Dependence on critical infrastructure becomes dangerous 2.2 Systemic vulnerabilities are weaponised 2.3 Legacy technology crumbles 2.4 Death from disruption to digital services 3.1 Global consolidation endangers competition and security 3.2 Impact of data breaches increases dramatically 2017 INCREASING DECREASING STILL A CONCERN 1 The CEO doesnt get it 2 Organisation cant get the right people 3 Outsourcing security backfires 4 Insiders fuel corporate activism 5 Hacktivists create fear, uncertainty and doubt 6 Crime as a Service (Caas) upgrades to v2.0 7 Information leaks all the time 8 BYOC (bring your own cloud) adds unmanaged risk 9 Bring your own device further increases information risk exposure 10 Government and regulators wont do it for you 2015 1 Nation-state backed espionage goes mainstream 2 A Balkanised Internet complicates business 3 Unintended consequences of state intervention 4 Service providers become a key vulnerability 5 Big data = big problems 6 Mobile apps become the main route for compromise 8 The CEO gets it, now you have to deliver 9 Skills gap becomes a chasm 7 Encryption fails 10 Information security fails to work with new generations 2016 ThreatHorizon ! DISRUPTIONDIVIDES AND CONQUERS COMPLEXITYCONCEALSFRAGILITY COMPLACENCYBITES BACK FAILURETO DELIVERTHE CYBERRESILIENCEPROMISE CONFIDECEIN ACCEPTEDSOLUTIONSCRUMBLES NO-ONE LEFTTO TRUST INCYBERSPACE THE ROLE OFGOVERNMENTMUST NOT BEMISUNDERSTOOD THE CHANGINGPACE OFTECHNOLOGYDOESN’T HELP CRIMINALSVALUE YOURREPUTATION REPUTATIONIS THE NEWTARGET FORCYBER ATTACKS CYBER RISK ISCHALLENGINGTO UNDERSTANDAND ADDRESS 2 0 1 7 2 0 1 6 2 0 1 5

Cyber crime cost UK businesses £1bn last year, but what is the true price?

In the news, we've seen a lot about the continual online abuse of consumers, but the increase in B2B fraud is something not enough leaders are talking about. Cybercrime and corporate fraud against UK businesses was up seven-fold in 2016, with 90% of companies interviewed in a recent Kroll survey experiencing a cyber-attack or loss of information, giving the UK the second highest rate of cyber incidents per capita. Intrusion is no longer about someone breaking through a window after business hours. The biggest threat to businesses today is a silent one that exists 24 hours a day, both from the outside and more worryingly, from within. The risk is one that can destroy companies reputation and sink the careers of senior executives. 

All the data shows that risk from the inside is on the rise... 

Current or ex-staff members engaging in theft of some kind or misusing company credit cards and expense accounts was in the top 10 most reported crimes last year. With a total of 37,070 reported to City of London's National Action Fraud Centre, the central point for reporting this kind of crime in the UK, with companies in London and Essex most affected, with respectively 5,742 and 2,505 reports of cybercrime. For example, a recent scam where cold callers pretending to be members of bank fraud departments persuaded 750 Lloyds and Royal Bank of Scotland customers to reveal security details and £113m for the taking. Three Lloyds insiders were later convicted, and police described the insider attack as one of the biggest cyber fraud scams ever investigated in the UK.

   

Insider threats still aren’t recognised as the gaping issue they are… 

Extortion via ransomware, phishing, malware, mandate fraud, spearphishing, theft of physical assets, misappropriation of funds; there’s a whole community of attackers learning from each other, and the list becomes more intelligent and devastatingly effective every day. Burglar alarms are all very well but not when you or a colleague is letting criminals walk through the front door. Whether it’s malicious, someone who’s been deceived, or even someone who’s made a mistake, an insider could bring down your business with a single USB or a WeTransfer account. Or at the very least make off with $420m and destroy your reputation, like Target in 2013: the victim of an insider attack through an unwitting vendor with access to their infrastructure.   With cloud services like Dropbox, Google drives, social media, the use of big data and employees using their own devices to work, letting increasing numbers of strangers through the front door is becoming common business practice. Contractors, managers and other privileged access users require legitimate access to an organisations cyber-assets, but they massively increase insider vectors. Malicious insiders have knowledge of and unrestricted access to proprietary systems, so their actions can easily go undetected by security systems designed to defend against external threats. The impact of insider threats can devastate company revenues, business continuity, customer satisfaction, corporate reputation and employee morale, and everyone pays the price. It's not just big brands like Target either; a student accommodation company was manipulated into giving away data that led to the loss of £230,000. A report from the Federation of Small Businesses (FSB) estimates that small businesses in the UK are attacked over 7 million times per year, despite 93% claiming to have taken steps to protect themselves from insider threats. 

Traditional measures used to defend against external threats just don’t work for insiders… 

It’s clear that businesses need to have systemic processes in place to prevent, detect and respond to such risks to avoid catastrophic financial and reputational damage. Unfortunately, many corporate security strategies focus on traditional network defence systems that are reactive and designed to detect intrusions at the perimeter. By implementing a privileged access management (PAM) strategy, businesses can see what is going on inside at all times to mitigate the insider threat. PAM allows you complete control of all privileged account activity across multiple networks: 

What is Privileged Access Management (PAM)? 

Osirium’s Privileged Access Management suite: 

  • Perfectly manages context driven access over any number of systems across an infrastructure. 
  • Authorises privileges for users only when and in which systems they are needed, then automatically revokes those privileges once the requirement is complete. 
  • Automates administrator tasks without exposing Privileged Accounts, securing the most vulnerable entry points for attackers & improving workflow.  
  • Ensures full accountability and visibility for meeting compliance mandates and deters insider threats by providing irrefutable evidence & granular audit trails of privileged activities. 
 

Addressing the balance with (PAM)… 

No one really knows how big the problem is. There’s a lack of prioritisation around the potential impact of insider threats; international policing has yet to catch up both in terms of skills needed to catch cyber criminals and manpower. Also, insider attacks remain under-reported (many businesses just keep quiet because they don’t want to risk reputational damage). One-third of UK firms are stockpiling bitcoins in case of such an attack, to use as ransom payment for the restoration of access or the return of their data, which is a clear indicator that things are out of control. PAM applies the controls and visibility to valuable assets on an infrastructure and will prevent this growing problem, keeping corporate assets, and reputations truly safe from the insider threat.   

To find out more about how Osirium can help protect against insider threat and control the misuse of privileged accounts, visit www.osirium.com.

Release Date: 
Monday, 13 February 2017
Article Type: 
Blog Post