Know Thy Enemy: Cyber Thieves

LIVE FROM THE ACFE ANNUAL FRAUD CONFERENCE

Cora Bullock
Assistant Editor, Fraud Magazine



In his lively presentation on Monday, Cary Moore, CISSP, EnCE, discussed cyber threats, both from without and within an organization. The insider is the cyber thief who works from within the company and is often a trusted employee.

The insiders fall into the following categories:



  • Traitors - These are people who consciously decide to betray their organization. There is not much information on them in the private sector as usually they are fired, not studied. Red flags include unusual change in work habits and seeking out sensitive projects.
  • Zealots - These firmly believe that the ends justify the means, and their cause is absolutely correct. Being so highly motivated makes them especially dangerous.
  • Spies - In the private sector spies can be working for your biggest competitor. They find out such business intelligence as product development and launches, potentially costing you millions of dollars.
  • Browsers - These employees casually peruse information, not actively seeking out anything specific but will use information for personal gain. They are extremely hard to identify.
    Well-Intentioned - Everyone wants to help, but when an employee receives a pleading email from someone purporting to be a friend or relative, they will scramble to help that person. However, they unleash costly viruses when clicking on links or opening attachments via spear phishing, whaling and smishing.

Moore advised on how to frame and conduct an investigation into these insiders. His tips included looking for bogus accounts, activity at odd or unusual times and employees turning their computer screens so people passing by can't see them.



He said ideally, don't let anyone outside of your company connect to your network, but if you must, have them sign the same network access agreement as your employees, including monitoring by IT. When you have visitors in your building, don't assume they are without suspicion. Make sure they have an escort at all times. They can walk out with your intellectual property safely stored on flash drives hidden in watches, pens, even cufflinks - "for the James Bond in all of us," said Moore.

Read the full article and find more Conference coverage.