Insider Threat Management

The Insider Threat Level: GDPR Total Recall, The CIA Hoarder, and At-Risk Agencies

Share with your network!

Your people are your biggest asset, but also your biggest risk. Do you have the ability to detect, investigate, and prevent a costly insider threat incident, or know how to recognize one when it occurs?

The Insider Threat Level series is here to keep you up-to-speed on the numerous examples of insider threat incidents, trends, and best practices caught in the news, so you can be more prepared for anything coming your way.

This week, we’re taking a look at: an EU data leak that brings up fond memories of GDPR, the story of a CIA contractor that has been secretly hoarding classified work, a new report that claims Federal Agencies are “at risk” or worse, and a whole bunch more.

Current Insider Threat News

  1. EU Website Suffers Data Leak, Shortly After GDPR Goes into Effect


    Source: The Telegraph

    By now, you’re no doubt overly familiar with the GDPR compliance conversation. But, according to Anthony Chadd, the Senior Director of EMERA at Neustar, “Achieving GDPR compliance is a clear challenge for organizations, so much that, following a leak of personal data on its website, even the European Commission has failed to meet its own standards.”

    Yes, you read that correctly. The organization responsible for GDPR compliance regulations is having difficulty with… GDPR compliance.

    According to The Telegraph, the documents containing more than 700 personally identifying records were uploaded to the Europa.eu website in Excel format, by various European Commission officials all the way back in 2013.

    Hot Take:

    While the European Commission reportedly does not have to comply directly with GDPR compliance regulations, due to “legal reasons,” this situation could have (and should have) been avoided. Organizations need to recognize the potential cost of insider threat incidents and data loss, as well as the importance of obtaining visibility into user activity. It seems hard to believe that the European Commission did not have stricter data loss prevention practices in place, considering the nature of said organization.

    Like we always say: “Your people are your biggest asset, but also your biggest risk.”

     

  2. 1 Million South Africans Personal Information Leaked


    Source: Times Live

    According to a recent report by Times Live of South Africa, approximately 934,000 personally identifying records were publicly leaked “by one of the companies responsible for traffic fines and online payments in South Africa.”

    The records are reported to have contained personal identification numbers, email addresses, full names, passwords, and other identifying information for individuals who had registered to pay traffic fines online in the region.

    Hot Take:

    No one likes to pay traffic fines. (This part isn’t news.) But to have your personal data leaked as a result? Horrifying.

    If the governing body of this organization had visibility into contractor user activity, they might have had a better understanding of what they were doing with their proprietary data. The moment something risky or out-of-policy was detected, they could have been alerted, and immediately moved into action to detect and investigate the potential insider threat, stopping them before things escalated to this extent.

     

  3. CIA Contractor Found Hoarding Classified Data


    Source: Reuters

    When a news report hits the wire claiming that someone involved with the CIA, or Central Intelligence Agency, has exfiltrated large amounts of classified data, you tend to take notice.According to Reuters, a former U.S. CIA contractor has pled guilty to “improperly searching classified databases” and “copying the information into personal notebooks which he then took to his house.” The contractor is set to be sentenced on September 21st of 2018.

    Hot Take:

    Again, this is a tale of visibility into user activity. If the CIA had visibility into the user activity for this particular contractor, they might have noticed that he was mis-utilizing organizational databases and investigated him sooner. Unfortunately, they didn’t notice for quite some time, as the contractor was able to copy information from these classified databases into 60 (!) notebooks and then transport them back to his home.

     

  4. Report Claims “Most Federal Agencies Are ‘At Risk’ or Worse”


    Source: Gizmodo

    There has been quite a lot of hubbub regarding the state of cybersecurity in the United States, and this news is set to only add fuel to that fire. According to an article by Gizmodo covering a new report released by the U.S. Office of Management and Budget, “most agencies within the government fail to clear even the lowest bars when it comes to cybersecurity preparedness.”

    Hot Take:

    Something has got to give. The potential impact of state-sponsored cybersecurity attacks, insider threats, and other types of cybersecurity incidents is just too much to ignore.

How do you feel about the Insider Threat Level?

Did you find this insider threat news recap particularly interesting? Want to see additional coverage? Let us know by tweeting @Proofpoint.