We all know about the 2013 cyberattack on Target, in which criminals stole the payment card numbers of some 40 million customers and the personal data of roughly 70 million. This tarnished the company’s reputation, caused its profits to plunge, and cost its CEO and CIO their jobs. What’s less well known is that although the thieves were outsiders, they gained entry to the retail chain’s systems by using the credentials of an insider: one of the company’s refrigeration vendors.

Target’s misfortune is just one recent example of a growing phenomenon. External attacks—pervasive intellectual-property hacking from China, the Stuxnet virus, the escapades of Eastern European gangsters—get plenty of attention. But attacks involving connected companies or direct employees pose a more pernicious threat. Insiders can do much more serious harm than external hackers can, because they have much easier access to systems and a much greater window of opportunity. The damage they cause may include suspension of operations, loss of intellectual property, reputational harm, plummeting investor and customer confidence, and leaks of sensitive information to third parties, including the media. According to various estimates, at least 80 million insider attacks occur in the United States each year. But the number may be much higher, because they often go unreported. Clearly, their impact now totals in the tens of billions of dollars a year.

