The rise of the ‘super malicious’ insider

Humans have always been a weak link in the cybersecurity chain, and a new report from DTEX Systems provides evidence that the sudden shift to remote working has directly contributed to an escalation in psychosocial human behaviors that create organizational risk.

In particular, it notes the rise of ‘super malicious’ insiders, who accounted for 32 percent of malicious insider incidents investigated by the DTEX Insider Intelligence and Investigations (I3) team in 2021.

Overall, there has been a 72 percent year-on-year increase in actionable insider threat incidents. Of these, 42 percent are related to IP and data theft, including industrial espionage incidents related to the theft of trade secrets, source code, and active collusion with a foreign agency.

“If any company thinks they don’t have an insider risk problem, they aren’t looking,” says Rajan Koo, chief customer officer and DTEX I3 lead with DTEX Systems. “The addition of the super malicious persona in this year’s report provides a wake-up call that traditional cyber security tools, such as DLP, UBA, and UAM, are actively being avoided or circumvented by those with sufficient technical skill and malicious intent.”

Other findings include that 75 percent of insider threat criminal prosecutions were the result of remote workers and that 56 percent of organizations had an insider data theft incident resulting from employees leaving or joining companies. There has also been a +200 percent year-on-year increase in data loss associated with users taking screenshots during confidential Zoom and Microsoft Teams meetings, and a +300 percent year-on-year increase in employees using corporate assets for non-work activities.

“While the increase in the amount and impact of insider risk occurred across industries, we found that it is most concentrated in technology and critical infrastructure at 33 percent and 24 percent, respectively,” says Armaan Mahbod, director of security and business intelligence, counter-insider threat at DTEX. “The risk to critical infrastructure entities in the Five Eyes nations is especially significant as any compromise can be damaging to the national security of these countries and the safety and well-being of its citizens.”

You can get the full report from the DTEX site.

Author: Martha Meyer