With more access, insiders pose more threats: Cyber experts

Sunil Pradhan
Tuesday, 5 June 2018

Pune: On May 20, a 24-year-old employee of a digital marketing company Yakub Shaikh was arrested by the Kondhwa police for stealing confidential data worth Rs 9.5 lakh and selling the same to his client.

Yakub Shaikh was working with Saleaders Solutions Private Limited is a firm dealing with digital marketing located in Kondhwa. Shaikh (24), who was good in understanding technology, was working as a business development manager for the past three years at the company.

Pune: On May 20, a 24-year-old employee of a digital marketing company Yakub Shaikh was arrested by the Kondhwa police for stealing confidential data worth Rs 9.5 lakh and selling the same to his client.

Yakub Shaikh was working with Saleaders Solutions Private Limited is a firm dealing with digital marketing located in Kondhwa. Shaikh (24), who was good in understanding technology, was working as a business development manager for the past three years at the company.

In other similar case of data theft, Kamesh Gaud hailing from Madhya Pradesh was booked on March 27 by the Yerawada police for allegedly stealing confidential data of a software company in Kalyani Nagar and causing a loss of about Rs 50 lakh to the company. Kamesh was earlier and employee of the same company.

Such incidents of thefts clearly highlight the threat insiders pose for a company highlighting the need to create employee policies to restrict such incidents. Cyber experts have frequently pointed that insiders have an edge compared to outsiders and so to be safe, companies not only have to focus on preventing attacks from outsiders but also from insiders. 

Cyber expert Anil Raj of Cybervault Securities Solutions Private Limited, who is studying trends of insider threats in industry said that above 50 per cent of the attacks carried out on a company involve an insider. 
“In some cases, it is a disgruntled employee involved in the attack or theft while in some cases, it is found that the employee is stealing information for personal benefits either monetary or non monetary,” he added.

Speaking on ways to keep a watch on activities of insiders, Raj said that there is need to have a strong access control mechanism placed in a particular system.

“An attacker has to access a system before he launches an attack or steals data.There should be teams monitoring people accessing the information or a network. The access logs generated in the company should be monitored periodically to be safe from insider attack. Access controls can also be set which should be role based and time based,” he added.

To control incidents of data thefts, Raj suggests that data can be stolen either in soft copy format or hard copy. “Companies can set regulations on the use of printer so that confidential data is not leaked through printers. Similarly, hard drives should not be allowed by companies and unauthorised use of hard drives should be tracked by the company. It is also found that inside attackers use e-mails to steal data and this can also be tracked by system administrators,” he added. 

Another cyber expert Chirayu Mahajan of Ana Cyber Forensics limited said that employees working in the Information Technology department at any company have more access to data which is stored on computers. “Companies should have water tight agreement with their employees so that confidential information is not leaked. An insider can leak information knowingly or unknowingly like we have seen in the case of social engineering and hence, cyber security awareness on a periodical basis is must for the insiders,” he added.

The experts highlighted that employees should also be made aware about intellectual property and copyright laws so that they are aware that they can be penalised for stealing information.

Related News