Most likely person to hack: your colleague
By Rene Millman,
The person most likely to be a hacker is not an eastern European criminal or spotty teenager but the person sitting next to you at work, according to a security expert.
Calum Macleod, European director of information security company Cyber Ark said that most common hacker is probably "sitting in the cubicle next to you".
"This is someone who gets to work early, takes his or her turn cleaning out the office fridge, tells funny stories at lunch and, at some point, makes a very dumb move," he said.
MacLeod said that this scenario started when the hacker-next-door sees a file directory or workstation that's just "too juicy to pass by, like one named "Salary Comparison." It's simply too tempting not to peek inside," he said.
He said that curiosity and revenge were the two main factors that motivated this type of hacker.
"These situations take place when a web-savvy employee gets ticked off," said MacLeod. "Maybe their Christmas raise didn't make them too merry. Perhaps their boss just handed them a work improvement plan and a reason to cause trouble."
He said these hackers then sniff around networks looking to access email servers and financial data.
According to data from the FBI, 70 per cent of all security breaches are caused by internal hacker attacks. He said that if a rogue employee wanted to gain access to a system they would most likely look up how to do so via a search engine.
"A few key words later, and anyone can discover that the most common - and effective - type of hack into a target system is to become what's called a "script kiddie," he said.
He said that default passwords are easily found on the internet. MacLeod pointed to a recent survey carried out by his company which found that 20 per cent of all workstations have an Administrator ID that's still set to the default password.
"If the built-in default doesn't work, the would-be hacker may try some simple passwords like CompanyName123," he said. "You'd be stunned how often these basic password scenarios, also available as mini computer programs on the web, are the fastest way into any organization's data."
He said there are automated ways to securely change privileged passwords and to tie an individual ID to a shared one. But he said until "these solutions become standard tools in most enterprises, I'd keep a close eye on the folks around you. You never know who is privileged to your information."
advertisement
Latest Security Features
The continued curse of cybersquatting
For some, it’s a problem confined to the early days of the Internet. But current figures suggest that the cybersquatting problem is, if anything, growing.
- Where next for Microsoft, Yahoo and Google?
- Top 10 mobile features of 2009
- Top 10 security predictions for 2009
- Top 10 reviews of 2008
- The year in IT news
- Top 10 security stories of 2008
- Top 10 business phones of 2008
- 15 tech charities that need your help
- PCI's Bob Russo: Data loss hurts brand more than a fine
Latest Security Reviews
Fujitsu Siemens FibreCAT SX80 iSCSI
Rating: 
advertisement
Latest News Videos in Security
Video: Mobile security threats and Mac complacency
PlayPart two: Eugene Kaspersky, chief executive and founder of Kaspersky Lab, talks about the increasing security threats mobile users are facing.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?