Insiders pose greater threat to businesses than outsiders
Social engineering is the number one insider threat problem.
The Insider Threat is the most dangerous way to gain inside access to sensitive information.
Balabit surveyed 494 IT security practitioners at the Black Hat USA 2015 conference held in Las Vegas and Black Hat Europe 2015 held in Amsterdam for its recent CSI Report.
The research highlights the Top 10 most popular hacking methods:
- Social engineering (e.g. phishing)
- Compromised accounts (e.g. weak passwords)
- Web-based attacks (e.g. SQL/command injection)
- Client side attacks (e.g. against doc readers, web browsers)
- Exploit against popular server updates (e.g. OpenSSL, Heartbleed)
- Unmanaged personal devices (e.g. lack of BYOD policy)
- Physical intrusion
- Shadow IT (e.g. users' personal cloud-based services for business purposes)
- Managing third party service providers (e.g. outsourced infrastructure)
- Take advantage of getting data put to the cloud (e.g. IAAS, PAAS)
Over 70 percent of respondents said that insiders are more risky than outsiders even when attacks are started from the outside and target an insider's privileged user accounts. When a breach occurs, outsiders normally gain access to the inside with minimal effort and the help of insiders, no matter if it's accidental or intentional.
Zoltán Györkő, CEO at Balabit says organisations should “know their enemy by knowing who is behind their user accounts, and determining whether it is a legitimate user or a masked hacker. This should be the fundamental priority in every kind of organisation's IT security strategy.”