Trojan Horse

According to risk and security firm Kroll, insider cyber-threat soared to its highest quarterly level ever in Q3 2022. Insiders accounted for more than one/third of all unauthorized access threat incidents. Many of the cases Kroll observed coincided with employee terminations. In one example, an employee attempted to steal gigabytes worth of data by copying it over to cloud storage networks. The company followed its standard protocol, which included disabling the user’s accounts and deleting data from cloud storage accounts accessible to them, but months after the employee left for a competitor, the previous employer began to suspect that he was using company data to boost sales. Kroll created a timeline of activity showing the movement of confidential files across multiple personal emails, cloud storage accounts and physical devices. Activity largely coincided with suspicious search terms, indicating that the user knew the activity was wrong and made a deliberate effort to cover his tracks. The article includes a list of best practices for defending against insider threats.