Every two weeks, we bring you a round-up of cases and stories that caught our attention in the realm of Insider Risk. In this second edition of our Insider Risk Digest, we will be exploring developments ranging from Espionage within the British Government, Data Breaches in the aviation industry, and fresh data from Ponemon’s 2023 Cost of Insider Risk report.
Our first case revolves around a case of Espionage in the British Government. An individual, working as a Parliamentary researcher, has been arrested on suspicion of spying. The individual is understood to be linked with various senior Conservative Members of Parliament, including those screened and cleared for access to sensitive information. It is alleged that this individual was spying on behalf of China, whose government is attempting to influence foreign governments and target dissidents abroad. The Intelligence agencies in Britain, including MI5, have been warning the Conservative Party that its potential candidates for employment could be Chinese spies, outlining the sustained importance of human intelligence for foreign actors and that all institutions must remain on high alert. Just a few weeks ago, there was another insider risk case in the United Kingdom, affecting the British Museum.
Aerospace giant Airbus has fallen victim to a data breach where their vendors’ sensitive data such as names, email addresses and job titles amongst other information has been leaked. According to Hudson Rock, the hacker gained access by exploiting the credentials of a Turkish Airlines employee, containing third-party login credentials details for Airbus’ systems. The attacker has also alluded that they will target U.S. defence contractors such as Lockheed Martin and Raytheon next. This serves as a stark reminder that an organisation’s security is only as strong as that of its third parties, with supplier and partner assurances becoming an increasingly complex challenge.
MGM Resorts, a hotel and entertainment giant, has been suffering from widespread server and system outages following a ransomware attack forcing the shutdown of systems across various venues, including slot machines, hotel-room keys, and other services. The cyberattack began with a social engineering breach of the company’s help desk. Through social engineering attack; the hackers found an employee’s name on LinkedIn, impersonated them, and then contacted the help desk to access their account. With the disruptions lasting over a week, reports suggested that MGM had been losing over 4.2 million daily due to their operations being frozen.
The recently released Ponemon Institute 2023 Cost of Insider Risks Global Report. The report highlights the increasing complexities and costs related to insider risk. The average annual cost of insider risk has reached $16.2 Million. The report also helps us understand what insiders are most prevalent, and what to look out for. Negligent and mistaken insiders cause 55% of all incidents, costing $505,113 on average. Malicious Insider accounted for 25% of all cases, costing on average $701,500 per incident. Outsmarted Insiders, or those compromised through social engineering account for 20% of all incidents, costing on average $679,621 per incident. Out of all mitigating factors, being proactive and focusing on early indicators is considered the best protection from Insider Risk. Whilst this is a very brief overview, we strongly recommend taking a deep dive into this report to learn more about the costs and the nature of Insider Risk in 2023.
The RAND Corporation provides us with a new perspective on the entrustment of intellectual property and classified information in relation to impairment. We often look at insider risk and consider the personal predisposition individuals may have, such as mental health issues, towards committing insider acts. However, as people are increasingly working later in life, we must consider that our current workforce is more susceptible to dementia, especially in positions which hold security clearances. In military environments, it is common for national security positions to be taken by individuals with prior military experience. The risk is also higher when these individuals are targeted by adversaries who attempt to leverage insiders based on their medical condition. This report thus provides important food for thought in the defence sector, but also on our understanding of insider risk pathways in the future.
Share Post Online
Author: Lucas Seewald
Author: Enrico Henriksson
Insider Risk Intern