Most likely person to hack: your colleague
By Rene Millman,
The person most likely to be a hacker is not an eastern European criminal or spotty teenager but the person sitting next to you at work, according to a security expert.
Calum Macleod, European director of information security company Cyber Ark said that most common hacker is probably "sitting in the cubicle next to you".
"This is someone who gets to work early, takes his or her turn cleaning out the office fridge, tells funny stories at lunch and, at some point, makes a very dumb move," he said.
MacLeod said that this scenario started when the hacker-next-door sees a file directory or workstation that's just "too juicy to pass by, like one named "Salary Comparison." It's simply too tempting not to peek inside," he said.
He said that curiosity and revenge were the two main factors that motivated this type of hacker.
"These situations take place when a web-savvy employee gets ticked off," said MacLeod. "Maybe their Christmas raise didn't make them too merry. Perhaps their boss just handed them a work improvement plan and a reason to cause trouble."
He said these hackers then sniff around networks looking to access email servers and financial data.
According to data from the FBI, 70 per cent of all security breaches are caused by internal hacker attacks. He said that if a rogue employee wanted to gain access to a system they would most likely look up how to do so via a search engine.
"A few key words later, and anyone can discover that the most common - and effective - type of hack into a target system is to become what's called a "script kiddie," he said.
He said that default passwords are easily found on the internet. MacLeod pointed to a recent survey carried out by his company which found that 20 per cent of all workstations have an Administrator ID that's still set to the default password.
"If the built-in default doesn't work, the would-be hacker may try some simple passwords like CompanyName123," he said. "You'd be stunned how often these basic password scenarios, also available as mini computer programs on the web, are the fastest way into any organization's data."
He said there are automated ways to securely change privileged passwords and to tie an individual ID to a shared one. But he said until "these solutions become standard tools in most enterprises, I'd keep a close eye on the folks around you. You never know who is privileged to your information."
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
What is your password worth?
Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.
- Macs under attack?
- Intel: security inside
- Are you spending too much on IT security?
- Does the government want to snoop on your data?
- Eurocrats versus the cyber criminals
- The truth about spam
- Google and privacy: What’s the problem?
- Q&A: Symantec’s CISO on the source code hack
- RSA: Back from the breach?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Apple iPad 3 vs iPad 2 head-to-head review
- Hutchison denies it will pull plug on Three UK
- EMC World 2012: Tucci declares Documentum is here to stay
- ICO: Fines for cookie law breakers
- EMC World 2012: EMC talks up cloud, security and big data
- Dell PowerEdge R820 review
- Sony Vaio T13 Ultrabook review: First look
- BlackBerry 7 OS certified to carry 'Restricted' UK government information
- Facebook floatation marred by Nasdaq glitch
- CIO: Career is over?
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
