Internal threats originate from
individuals who have or have had authorized access to the network. This could be
a disgruntled employee, an opportunistic employee, or an unhappy past employee
whose access is still active. In the case of a past employee, even if
their account is gone, they could be using a compromised account or one they set
up before leaving for just this purpose.
Many surveys and studies show that internal attacks can be
significant in both the number and the size of any losses. If dishonest
employees steal inventory or petty cash, or set up elaborate paper-invoicing
schemes, why wouldn’t they learn to use the computer systems to further their
ambitions? With access to the right systems, a trusted employee can devastate an
unsuspecting organization.
All too often, employers fail to prosecute this type of activity.
The reasons range from fear of the activity becoming public knowledge to knowing
that, quite often, record-keeping systems haven’t been developed either to
provide adequate evidence or to prove that the transactions, no matter how
ludicrous, weren’t authorized.
Note: I was helping a dentist reconstruct a substantial loss by an
office manager when we were all served with papers threatening all sorts of
repercussions if we spoke to anyone, including the police, about the matter.
Because less than three days had passed since the loss was inadvertently
exposed, I was shocked at the coolness and speed of the reaction. After a little
research, I found this was at least the third dentist in seven years who had
been scammed by the same person. The bottom line is that the bonding company and
the dentist came to terms, and I never heard another word about it.