New Frontiers of Network Security: The Threat Within

Abstract

Nearly 70% of information security threats originate from inside an organization. Opportunities for insider threats have been increasing at an alarming rate with the latest trends of mobility (portable devices like Laptop, smart phones etc.), ubiquitous connectivity (wireless or through 3G connectivity) and this trend increases as more and more web-based applications are made available over the Internet. Insider threats are generally caused by current or ex-employees, contractors or partners, who have authorized access to the organization's network and servers. Theft of confidential information is often for either material gain or for willful damage. Easy availability of hacking tools on the Internet, USB devices and wireless connectivity provide for easy break-ins. The net result is losses worth millions of dollars in terms of IP theft, leakage of customer / individual information, etc. This paper presents an understanding of Insider threats, attackers and their motives and suggests mitigation techniques at the organization level