Insider Threat Management

Breach Report: What do Banks, Craft Stores and the Gov’t Have in Common?

The VA hasnIt seems like every week there are plenty of data breach related stories. This week was no different, and, there are valuable lessons for any IT security professional to take away from this week’s Breach Report.

TD Files Suit Against Former Employee

Before resigning from his position as a loan officer at TD, DiSanto accepted a job at the Kearny Federal Savings Bank in Fairfield.According to a lawsuit filed in federal court in Newark, NJ, Patrick DiSanto emailed himself confidential files hoping to poach loan customers at his new job. His new employer set up an email address for him and he proceeded to send himself tax returns, credit approvals and other documents.

DiSanto is far from the first employee at a bank to use access to the personal information of customers for financial gain. Employees are trusted with extremely valuable information and sometimes profit and curiosity can make it hard to resist taking advantage of that trust. Insider threats come in all shapes and sizes. We have seen hospital employees steal patient informationgovernment contractors release confidential data and even executives betraying their partners before going to the competition.

Department of Veteran Affairs

In one of the more unique stories this week, The Department of Veteran Affairs (VA) failed its sixteenth straight cybersecurity audit.  Given that these audits are done yearly, the VA hasn’t passed a cyber security audit since 1997!

Perhaps the most staggering aspect of this entire story is that the lack of cybersecurity is a result of human information leakage, and not data.  This supports the ever more popular finding that users are a main source of cybersecurity threats.  Even with an ample amount of security in place, users still have the ability harm an organization’s cybersecurity by doing something as simple as misplacing a Post-It note.

According to department CIO Stephen Warren, “The places and the times where we have fallen short of our stewardship responsibility has been in the process, paper and people standpoint.  It hasn’t been on the cyber side.”

Anonymous Strikes Again

This week, the ever persistent and always controversial Anonymous successfully completed another social justice themed hack by infiltrating the Twitter accounts and website of current chapters of the Ku Klux Klan (KKK).  The hack was inspired by the KKK Twitter account @KuKluxKlanUSA after numerous Klan members threatened to use “lethal force” against Ferguson, Missouri protestors.

Anonymous also hit the Klan’s website with a distributed denial-of-service (DDoS) attack, which shut down the website throughout the week.

Staples and Michaels Data Breaches Linked

As our friend Brian Krebs reported earlier this week, the breach at Staples was found to have “some of the same criminal infrastructure” seen in the Michaels data breach earlier this year.  Both companies suffered point-of-sale (PoS) attacks.

According to Krebs, the malware used in the Staples breach communicated with the same networks as the malware in the Michaels breach.  Although Staples is still working with authorities, it is rapidly becoming clear that the same people may be behind all of the PoS attacks.  Krebs believes that before Black Friday, another PoS attack will likely come to light.

In 2015, the biggest security risk to your company will be your users. Understanding this risk and making sure your security solutions are equipped to meet it will be vitally important. If you are looking to improve how your company meets user based threats, check out an EMA report: Mitigating User-Based Risks.

Subscribe to the Proofpoint Blog