Attacking from Within
We spend a lot of time fortifying our data systems and networks to prevent outside attacks. Recent data breaches at TJX Companies, Card Systems, and the Department of Veterans Affairs remind us of the different ways outsiders can gain access to our systems and conquer massive amounts of highly sensitive data.
However, my third example above – the VA, also gives clue to what I think is the most dangerous risk of all – the threat of an insider compromising systems (knowingly or otherwise). The Air Force has been doing research into developing a system that would help pinpoint potential internal threats.
Security efforts have tended to focus on outside electronic threats, explain Peterson and colleagues. However, they point out that it is insiders that pose the greatest threat to an organization. Insiders are members of the organization who may have access to sensitive information for legitimate purposes but who could betray that trust for illegitimate reasons.
This is pretty ineteresting stuff that plays into using computers to detect non obvious relationships. One downside to this type of technology is that it could be used to detect whistleblowers. This article I’ve linked to talks about them running their system across the email history of Enron. And while it doesn’t flat out name Sherron Watkins as being a potential threat, some other materials I’ve read on this system have indicated that she was one of the people flagged by this system.
Pretty interesting stuff to keep abreast of.
Read More -> Sniffing Out Insider Threats