This week, the Justice Department announced that Martin Mehran Taheri of Sterling, VA plead guilty to illegally accessing and then sabotaging the computer systems of his former employer, which is HQ’d in Reston, VA. The release tells the classic insider threat tale of how a former employee used credentials he should not have had to penetrate and attack systems he no longer had authorization to access. The story doesn’t stop at the release. To understand everything that happened, you need to read the indictment. It reveals that Taheri used the computer network of his new employer, the Smithsonian Institute, at least once, to illegally access his former employer’s systems.
This case should serve a wakeup call for anyone who is responsible for defending their organization against the insider threat. You need be on the lookout for how malicious insiders are impacting your business’ systems and data, AND for how insider threats could be using your network to perpetrate illegal activities against others.
This week's #insiderthreat news from @DtexSystems: Guilty insider accessed former employer's systems via @smithsonian network; @christywyatt talks transparency/accountability/privacy with @infomgmt; @briankrebs exposes risky @trello…
Click To Tweet
Productivity, Collaboration and the Insider Threat
Employees have plenty of cloud-based collaboration apps to choose from and use. With 25 million users, Trello has certainly become popular. When used incorrectly, these apps can increase insider threat risks significantly.
This week, KrebsonSecurity reported that employees at a wide range of organizations, spanning across the insurance, transportation and government industries, were sharing passwords for “sensitive internal resources” on personal Trello boards that were exposed online. Uber was in the mix. This story should prompt insider threat team members to educate employees on how to use collaboration apps securely and to monitor for related activities. Read the full story: When Your Employees Post Passwords Online
This week, in Information Management and HealthData Management, our CEO Christy Wyatt had a chance to talk about transparency and accountability. These two critical components should be a part of all insider threat and monitoring strategies. In the story that highlighted recent Ponemon data showing that organizations are losing millions every year because of insider threats, Brian Horowitz wrote:
Companies need to keep their insider threat strategies transparent, according to Christy Wyatt, CEO of Dtex Systems, which offers an intelligence platform to combat insider threats. “There needs to be assurances that internal leadership won’t use collected data to abuse power,” she says.
Read the full story: Poor data hygiene a leading cause of costly insider security threats
Christy continued to take part in the transparency, accountability and privacy discussion when she spoke with Lizette Chapman of Bloomberg and Fahmida Rashid of Decipher. We expect to see several contributed bylines from her publish in the coming weeks that address these topics.