Published: 13 February 2017
In the news, we've seen a lot about the continual online abuse of consumers, but the increase in B2B fraud is something not enough leaders are talking about. Cybercrime and corporate fraud against UK businesses were up seven-fold in 2016, with 90% of companies interviewed in a recent Kroll survey experiencing a cyber-attack or loss of information, giving the UK the second highest rate of cyber incidents per capita. Intrusion is no longer about someone breaking through a window after business hours. The biggest threat to businesses today is a silent one that exists 24 hours a day, both from the outside and, more worryingly, from within. It is a risk that can destroy a company's reputation and sink the careers of senior executives.
Current or former staff members engaging in theft of some kind, or misusing company credit cards and expense accounts, was among the top 10 most reported crimes last year, with a total of 37,070 cases reported to the City of London's National Action Fraud Centre, the central point for reporting this kind of crime in the UK. Companies in London and Essex were most affected, with 5,742 and 2,505 reports of cybercrime respectively. In one recent scam, cold callers pretending to be members of bank fraud departments persuaded 750 Lloyds and Royal Bank of Scotland customers to reveal security details, leaving £113m for the taking. Three Lloyds insiders were later convicted, and police described the insider attack as one of the biggest cyber fraud scams ever investigated in the UK.
Extortion via ransomware, phishing, malware, mandate fraud, spearphishing, theft of physical assets, misappropriation of funds: there’s a whole community of attackers learning from each other, and the list becomes more intelligent and devastatingly effective every day. Burglar alarms are all very well, but not when you or a colleague is letting criminals walk through the front door. Whether it’s malicious, someone who’s been deceived, or even someone who’s made a mistake, an insider could bring down your business with a single USB stick or a WeTransfer account. Or, at the very least, make off with $420m and destroy your reputation, like Target in 2013: the victim of an insider attack through an unwitting vendor with access to its infrastructure.

With cloud services like Dropbox and Google Drive, social media, the use of big data and employees using their own devices for work, letting increasing numbers of strangers through the front door is becoming common business practice. Contractors, managers and other privileged access users require legitimate access to an organisation's cyber-assets, but they massively increase the insider attack vectors. Malicious insiders have knowledge of and unrestricted access to proprietary systems, so their actions can easily go undetected by security systems designed to defend against external threats. The impact of insider threats can devastate company revenues, business continuity, customer satisfaction, corporate reputation and employee morale, and everyone pays the price.

It's not just big brands like Target either; a student accommodation company was manipulated into giving away data that led to the loss of £230,000. A report from the Federation of Small Businesses (FSB) estimates that small businesses in the UK are attacked over 7 million times per year, despite 93% claiming to have taken steps to protect themselves from insider threats.
It’s clear that businesses need to have systematic processes in place to prevent, detect and respond to such risks in order to avoid catastrophic financial and reputational damage. Unfortunately, many corporate security strategies focus on traditional network defence systems that are reactive and designed to detect intrusions at the perimeter. By implementing a privileged access management (PAM) strategy, businesses can see what is going on inside at all times and mitigate the insider threat. PAM gives you complete control of all privileged account activity across multiple networks:
Osirium’s Privileged Access Management suite:
No one really knows how big the problem is. There’s a lack of prioritisation around the potential impact of insider threats, and international policing has yet to catch up, both in the skills needed to catch cyber criminals and in manpower. Insider attacks also remain under-reported (many businesses just keep quiet because they don’t want to risk reputational damage). One-third of UK firms are stockpiling bitcoins in case of such an attack, to use as a ransom payment for the restoration of access or the return of their data, which is a clear indicator that things are out of control. PAM applies controls and visibility to the valuable assets on an infrastructure and will prevent this growing problem, keeping corporate assets and reputations truly safe from the insider threat.
To find out more about how Osirium can help protect against insider threat and control the misuse of privileged accounts, visit www.osirium.com.