MI5: Spies and thieves are targeting & grooming insiders

MI5: Spies and Thieves are Targeting & Grooming Insiders
by infosecurity
 
MI5 has warned British corporate chiefs that foreign intelligence agencies are targeting IT workers within big organisations in a bid to gain privileged access to sensitive data. The act of grooming internal sources with access to highly sensitive information has been likened to the practices of Cold War spymasters, and MI5 has used the analogy to urge more companies to boost their overall IT defenses. 
“This warning confirms something that we’ve been saying for a while now – that the abuse of privileged credentials is the next frontier for cyber-crime against enterprises”, said Paul Ayers, vice president of EMEA at enterprise data security firm Vormetric, in a comment to Infosecurity. “It is clear that businesses are still struggling to defend their most critical assets from those legitimately within the perimeter”.
Even junior staff can be targeted and groomed, MI5 warned, as reported by the Financial Times--adding a deeper layer of confusion to how to address the issue. Paul Stockton, a former US assistant secretary of defence for the UK, told the FT that so-called insider threats are certainly a growing challenge.
"They're not necessarily those at the highest levels of an organization", he said. "Rather it is the systems administrators and others who hold the keys to the IT kingdom that pose such significant potential threats".
Ayers added that part of the complexity stems from the changing nature and definition of a privileged user: “What was once a traditional insider with legitimate access rights has now become almost anybody with appropriate credentials to view and modify data across corporate networks – from contractors to system engineers to network-maintenance workers”.
Regardless of how they’re defined, privileged user accounts are increasingly lucrative targets. MI5 warned that, once hijacked, these credentials can be used as a way for outside hackers to infiltrate corporate networks—which is exactly what happened in the Target data breach case.
 
Full Article