How to prevent insiders destroying your network

BT's chief technology officer offers five tips to guard against the threat of employees sabotaging business networks.

The threat of insider attacks has been highlighted recently with the case of Rajendrasinh Makwana, a software engineer who allegedly planted a "logic bomb" on US financial giant Fannie Mae's computer network after his contract was terminated.

If the malicious code had executed, court documents said it would have resulted in destroying and altering all of the data on all 4,000 Fannie Mae servers. It was likely the attack would have cost millions of pounds in damage.

Microsoft then warned companies to expect an increase in insider attacks by disgruntled, laid-off workers as the recession continued. Microsoft's Doug Leland told the BBC that malicious insider breaches were the greatest security concern.

The problem with malicious insiders is that they have access and an understanding of the system and security. They have access to corporate assets, and are already inside.

So what can businesses do about the problem? Graham Cluley, security expert at Sophos, said that as companies make people redundant, they need to manage their exits very carefully.

"Not only from a HR point of view, but also from an IT point of view because they may have had access to systems, passwords and methods to either get into your company physically or electronically which could cause you problems," he said.

Bruce Schneier, chief technology officer for BT, wrote on his blog about the insider problem. He said it was impossible to build a system without trusting people, but offered five techniques managers could use to prevent insider attacks.

1 - Limit the number of trusted people.

The fewer people that have root access to the computer system, the more secure it is.

2 - Ensure the trusted people are indeed trustworthy.

This might involve background checks, lie detector testing, or personality profiling.

3 - Limit the extend of the trust given to each person.

This would limit the amount of damage a single person can do. This could involve giving keys that only unlocks their office, or passwords that only unlock their account.

4 - Give people "overlapping spheres of trust".

The idea behind this is Defence in depth' a principle similar to giving two separate keys to launch nuclear missiles. It makes it much harder for an employee to defraud the system, because two people are needed to do anything.

5 - Detect breaches of trust and prosecute the guilty.

Trusted people will always be able to play the system which means that businesses need to publicly punish the attacker through the court system to provide a deterrent. Auditing is therefore vital in order to discover any breaches.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

New DNS vulnerabilities put millions of IoT devices at risk of hacking
Internet of Things (IoT)

New DNS vulnerabilities put millions of IoT devices at risk of hacking

13 Apr 2021
Cloud storage: How secure are Dropbox, OneDrive, Google Drive, and iCloud?
cloud security

Cloud storage: How secure are Dropbox, OneDrive, Google Drive, and iCloud?

13 Apr 2021
5G will accelerate cyber crime, predicts former White House CIO
5G

5G will accelerate cyber crime, predicts former White House CIO

13 Apr 2021
How to encrypt files and folders in Windows 10
encryption

How to encrypt files and folders in Windows 10

9 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021