Insider Threat is not only top mind for many organisations across the globe, it also seems to be on the minds of Hollywood writers and directors. This blog takes a look at the top 4 insider threats seen in popular TV shows and movies.
Mr. Robot
Category of Insider Threat: IT Sabotage
https://www.youtube.com/watch?v=Oc-AsN7d1wg
There are many scenes in Mr. Robot that exemplify just how dangerous malicious insiders can be to an organisation. In one scene Elliot uses the access he has been granted by All-Safe, a fictional security provider, to access a large customer’s network. With remote access, Elliot installs a backdoor that he eventually uses to launch a major attack against the fictional organisation E-corp. The attack ends up encrypting all the company’s digital data and backups. Though dramatised quite a bit, it begs the question, do you truly know what your vendors are doing?
Jurassic Park
Category of Insider Threat: Intellectual Property Thief
https://www.youtube.com/watch?v=WdrSM_BBXUU
Dennis Nedry, a computer programmer at Jurassic Park, plans to steal all the secrets that make Jurassic Park come to life. When realising just how valuable dinosaur embryos would be to a competitor, he decides to exfiltrate them outside of the park via a can of shaving cream. Dennis is also part of the security team, so he is fully aware how to navigate around the park’s existing security controls, gain access to the dino storage location, and sneak out of the park undetected. Sadly, for Dennis, things didn’t go according to plan.
Office Space
Category of Insider Threat: Fraud
https://www.youtube.com/watch?v=GyB6ffmXsZo
Pete Gibbons, a computer programmer at the fictional company, Initech, introduces a virus that steals fractions of pennies from financial transactions being made by the company. His plan assumes that because the transaction amounts are so small, Initech would overlook Pete siphoning off the cash to a personal bank account. The scenario highlights the risk of an employee familiar with critical systems and processes. Fun Fact, in 2007, a woman tried a similar plan at her brokerage firm. She pocketed roughly $50,000 before she caught the attention of the FBI.
Snowden
Category of Insider Threat: Espionage
https://www.youtube.com/watch?v=OI6jfeitAVk&t=59s
The Snowden name has become synonymous with the term Insider Threat. Media coverage of Snowden’s disclosures is widespread ranging from interviews, articles, documentaries, and even his own feature film. As most people are aware from the title, Snowden, the movie portrays Edward Snowden’s time in the CIA and NSA. In the film, while working as a contractor for the NSA, Snowden smuggles out confidential government documents on a microSD card hidden in a Rubik’s cube. No matter what your political stance is on Mr. Snowden, this scenario shows the importance of controlling employee access to information as well as locking down USB ports.