Monday, July 06, 2009

Insider Threats from Main Street to Wall Street

Here are two totally unrelated inside jobs that, though very different, show how the insider threat is as dangerous and devastating as attacks from outside hackers. In fact, unlike a distant hacker, an insider already has access, often privileged.

In this story last week from Network World, a security guard at a Dallas hospital used his access to install malware on the hospital's network. The malware could not only steal confidential patient information, but also control the hospital's climate-control systems. The guard then had the nerve to post videos on YouTube of his exploits.

Hospitals, and health care institutions, in general, are still a long way from securing patient data, much of which contains the Identity Theft Quartet -- name, address, birthday and Social Security Number -- which together can be used for full-blown identity theft.

In another story broke by Reuters, also last week, the FBI arrested a Russian immigrant who had worked as a developer at Goldman Sachs for stealing application code used for high-volume trading. The former Goldman Sachs employee was going to bring the code over to a his new employee in exchange for a salary hike.


Post a Comment

<< Home