Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

12/11/2008
12:42 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

How Companies Can Use IT Security To Protect Against Insider Attacks

Tough economic times present increased motivation for cybercrime. Experts from Gotham Digital Science share tactics that companies can use to protect against security attacks executed by disgruntled or former employees

New York, NY, December 11, 2008 - Companies are vulnerable to IT attacks from criminals and competitors during the best economic climate and face increased risk when times are hard. According to Gotham Digital Science, an information security consulting firm that works with clients to identify, prevent, and manage security risks, the current downturn puts organizations at increased risk for attacks not only from anonymous criminals but from disgruntled or former employees.

"Desperate times sometimes call for desperate measures. In an economic downturn, IT workers can be tempted to utilize their knowledge of an employer," said Matt Bartoldus, Director with Gotham Digital Science in London. "A disgruntled or laid off employee can be motivated by revenge or financial necessity to steal and/or sell data or cause work disruptions, and has familiarity that can be devastating to an organization."

Gotham Digital Science, which helps clients assess risk in order to protect against and prevent cyber attacks that can lead to loss of money, intellectual property, customer information, and reputation, recommends a number of actions a company can take to thwart attacks.

Manage Access: A disgruntled employee with knowledge of sensitive information can wreck havoc in minutes. Manage all the users on your network from a single source such as Windows Active Directory. This will enable you to both disable access to confidential information if an employee leaves or is laid off as well as to easily perform a routine audit to ensure that only authorized users are accessing the network.

Protect your Data: Sensitive business information is often accessible to a wide range of employees, all of whom have the potential to copy and steal valuable information such as customer data, intellectual property, and financial information. Databases and shared network files (spreadsheets, word documents, reports containing charts and tables) often contain confidential information. Distribute sensitive data on a need to know basis and review network file storage to ensure access is limited to those who need it. Systems should be regularly reviewed and any unnecessary or outdated files should be removed. For highly confidential information, limit document printing and the use of cell phones with cameras.

Restrict Data Transmission: In addition to limiting access to information, manage the methods through which data can leave the premises. Limit internet services to necessary sites, restrict use of unauthorized websites to prevent access to personal sites, and disable removable media to prevent sensitive date from being copied onto USB thumb drives or mobile phones. The same policy should be applied to CD/DVD writers to pre-empt the chance of sensitive information walking out the door.

Think like an IT security specialist: IT staff, developers and system administrators have knowledge of and access to the systems that run your company. Make sure to change passwords and remove access whenever one of these employees leaves, and run a scan to check for "backdoors" that allow undetected remote network access and other malicious programs that can cause damage.

Keep Track of Information: Should a security breach occur, identifying the source will help understand the scope of the problem and solve it more quickly. Archiving emails and phone records, saving deleted emails, and recording and logging phone calls will enable you to trace the origin.

"In reality, these are things that companies should be doing regardless of the economic climate," said Brian Holyfield, a Director with Gotham Digital Science in New York. "But they become even more critical during a downturn. With these small steps, companies can protect themselves against a wide range of possible threats."

Notes to Editors

* Earlier this month IBM's ISS X-Force research team identified a 30% increase in network and web-based security events over the last 120 days, with the total number rising from 1.8 billion to more than 2.5 billion worldwide per day, according to data pulled from its managed security services client base of approximately 3700 clients worldwide.

* According to another December study, "The Global Recession and its Effect on Work Ethics", by IT security data experts Cyber-Ark Software, more than half of 600 surveyed office workers from New York's Wall Street, London's Docklands and Amsterdam, Holland, have already downloaded competitive corporate data and plan to use the information as a negotiating tool to secure their next post.

* According to the Ponemon Institute's "2007 Annual Study, The Cost of a Data Breach," the average total cost per data breach is more than $6.3 million to a US company.

* According to new research from IT services company Vistorm, UK companies claim to understand the security challenges their businesses face and the consequences of non-compliance, yet only 48% do anything about it. Of 100 UK businesses surveyed, 79% of companies knew which of their assets were business-critical and 91% understood the consequences of non-compliance. It also found that 43% of companies have inadequate security controls in place for protecting mobile data.

About Gotham Digital Science

Gotham Digital Science (GDS) is an information security consulting firm that works with clients to identify, prevent, and manage security risks. GDS specializes in security testing, software security, and risk management and compliance. GDS develops tools that solve specific security issues and offers a number of security training programs for IT professionals. With offices in New York and London, Gotham Digital Science can seamlessly assist clients on both sides of the Atlantic. For more information, visit our website at www.gdssecurity.com.

Contact Information

Brian Holyfield, Director, Gotham Digital Science, New York, +1 917 375 5891, [email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31755
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31756
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...
CVE-2021-31757
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31758
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31458
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...