Hackers are becoming increasingly skilled at assembling a composite of a company's confidential data from disparate sources to render stealing it profitable.
FREMONT, CA: When many businesses continue to implement work-from-home policies in the face of the global pandemic, the cyber threat environment has become even more complicated. The "disrupted" employee is a modern threat that has arisen due to current job arrangements that are so far from the norm.
A disrupted employee is someone who is caught in the middle, trying to do their job properly but using less safe methods. Since they no longer have access to the office's facilities or face-to-face interactions, they may have difficulty completing tasks.
Another issue is the modern home office. Home networks lack the usual corporate office security and bifurcations, making them vulnerable to lateral movement attacks. In these cases, attackers gain initial access to a network via an unprotected device, such as a family computer, and then look for other devices to access or gain increased privileges. Continued probing may lead to the theft of confidential corporate information or high-value intellectual property.
We can gain information required for "situational awareness," which is unavailable in newly remote workspaces, in order to do our jobs. Source code, marketing materials for a new launch, notes from a rebranding exercise, and business planning practices could all end up on a disrupted employee's computer. It may not even be sufficient to have all of this information in one location for a successful attack: hackers are becoming increasingly skilled at assembling a composite of a company's confidential data from disparate sources to render stealing it profitable.
Most of this behavior is unusual, such as accessing databases that aren't usually part of one's information domain or installing software code for a product that isn't connected. However, given the disruption in corporate networks when millions of employees were abruptly moved to home offices, these anomalies and lateral shifts could be more challenging to track down and examine. A few missed red flags could lead to severe and unforeseeable consequences in the future.
Gaining proper visibility has become increasingly complex, particularly with East-West traffic, because modern networks involve containerized applications in highly distributed and hybrid-cloud-based environments. Packet data is the single source of truth for accurate East-West security analytics, particularly in virtualized environments without a well-defined network perimeter. Consequently, achieving ubiquitous visibility, a foundational prerequisite for cybersecurity, can be time-consuming or expensive, necessitating new approaches or specialized tools.
As packet data is turned into smart metadata and actionable observations, it can be used to locate the cause of data leakage or network security disturbances. Granular analytics helps security teams escape warning fatigue by leading them to the most critical or time-sensitive issues.
A "disrupted employee," even if well-intentioned, is still an insider threat, necessitating a systematic approach to security controls, analytics, reasonable usage policies, and education. Understanding a new baseline through analytics is the first and most important step in developing the appropriate controls and educational initiatives to assist the employees in securely achieving their objectives.
See Also :- Top CyberSecurity Companies
Weekly Brief
Read Also
