The Insider Threat Worst-Case Scenario

Imagine if every single American citizen had his or her personally identifiable information, such as full names and addresses, leaked onto the Internet. This cybersecurity and privacy nightmare might seem implausible, but that’s exactly what happened in Israel, where 9 million records, those of every living citizen and some deceased, were leaked online and eventually sold on the black market.

According to recent breakthroughs in the investigation,  a contracted employee copied the entire Israeli Population Registry database onto his home computer in 2006. When that employee was later fired for unrelated criminal charges, he sold the information to a business client who continued passing the data around online along with a program to querry and search the enormous database – not the sort of Big Data solution that we encourage. The information is suspected to have fallen into criminal hands and, aside from identity theft and petty crime, is a national security threat as it simplifies fraud and false documentation and a threat to the democratic process as it can also be used for voting fraud.  The investigation is a great example of Internet sleuthing. Authorities didn’t stop at hard disks and CDs, following leads through cloud services and coupling their forensics with old-fashioned human detective work along with international law enforcement cooperation.

While the investigation displayed great cybersecurity professionalism, leaking the database was the result of glaring lapses in security.  Clearly, this contractor should not have been trusted with such high-profile information in the first place, judging from his multiple criminal charges. Though not classified, given all that can be done with personally identifiable information today, it must be treated as highly sensitive and valuable. And, even for reputable employees, such unrestricted access to a massive amount of data is just asking for trouble. It’s easy to say such amateur mistakes could not happen in the United States, but in the WikiLeaks fiasco Bradley Manning, who was found to be distressed and highly dissatisfied with the military, had broad access to classified information which he similarly downloaded. As the recent spate of leaks illustrates, personal records are seldom adequately protected. Recently, an unencrypted laptop was stolen from Sutter Health, exposing 4 million personal records, and the theft of TRICARE backup tapes released 4.9 million health records. Though some of TRICARE’s data had been encrypted before being backed up, it was not to federal standards.

Incidents like this are pushing the federal government to protect data rather than machines or accounts. Even as an administrator, the contractor in Israel should not have been able to download the Population Registry on to his home computer. When dealing with sensitive data, the principle of least privilege should be used to protect against malicious insiders. Rather than give a certain class of users free range on the system, each account should have only the minimum privileges it needs to do its job. Lastly, analytics are available that can make sense of log and behavior data to spot anomalies in user behavior that would suggest an insider threat or a hijacked account. While most enterprises have such capabilities, the log information they generate can be overwhelming. Big Data tools like Splunk can be critical for making the most of your log data to analyze all of your information quickly.

Sign up for your free CTOvision Pro trial today for unique insights, exclusive content and special reporting.

CTOvision Pro Special Technology Assessments

We produce special technology reviews continuously updated for CTOvision Pro members. Categories we cover include:

  • Analytical Tools - With a special focus on technologies that can make dramatic positive improvements for enterprise analysts.
  • Big Data - We cover the technologies that help organizations deal with massive quantities of data.
  • Cloud Computing - We curate information on the technologies enabling enterprise use of the cloud.
  • Communications - Advances in communications are revolutionizing how data gets moved.
  • GreenIT - A great and virtuous reason to modernize!
  • Infrastructure  - Modernizing Infrastructure can have dramatic benefits on functionality while reducing operating costs.
  • Mobile - This revolution is empowering the workforce in ways few of us ever dreamed of.
  • Security  -  There are real needs for enhancements to security systems.
  • Visualization  - Connecting computers with humans.
  • Hot Technologies - Firms we believe warrant special attention.

 

Recent Research

What The Enterprise IT Professional Needs To Know About Git and GitHub

3D Printing… At Home?

Tech Firms Seeking To Serve Federal Missions: Here is how to follow the money

Creating The New Cyber Warrior: Eight South Carolina Universities Compete

Mobile Gamers: Fun-Seeking but Fickle

Update from DIA CTO, CIO and Chief Engineer on ICITE and Enterprise Apps

Pew Report: Increasing Technology Use among Seniors

Finding The Elusive Data Scientist In The Federal Space

DoD Public And Private Cloud Mandates: And insights from a deployed communications professional on why it matters

Intel CEO Brian Krzanich and Cloudera CSO Mike Olson on Intel and Cloudera’s Technology Collaboration

Watch For More Product Feature Enhancements for Actifio Following $100M Funding Round

Navy Information Dominance Corps: IT still searching for the right governance model

solid