Threat of Inside Attackers on Intellectual Property and Sensitive DataJune 18, 2020 - by Jason Conley
Major data breaches occur quite frequently, where thousands, sometimes millions, of people’s credentials and data are compromised. With privacy laws evolving, organizations are heavily focused on perimeter security, the secured boundary between the private and public side of a network, and keeping hackers out of the company’s private network and away from their assets. Though, many organizations continue to lack awareness and internal controls required to protect themselves from potential damage caused by its very own people.
COVID-19 Impact on Data Breaches
The COVID-19 pandemic has left many companies in a position where they have no choice but to undergo layoffs and downsizing, which have amplified internal threats. If the wrong information lands in a competitor’s lap, the threat can be as great as losing significant market share or completely going under.
The effective response to an internal breach of sensitive data and intellectual property that has occurred or may occur in the future is mitigation, which can offer some hope to those in such a dire situation.
A Reoccurring History of Stolen Data
Twenty years ago, CSI/FBI survey respondents reported nearly a billion dollars in stolen data from U.S. companies annually and one third of those perpetrators were considered insider threats.1 This data is from a time when portable media was doubling in capacity each year and people were realizing just how easy it was to steal company data.
Suddenly, years of research and development plans, customer lists, software codes, business plans, pricing schemes and schematics were finding a way out of organizations and into the hands of competing companies. Today, the statistics are no different because addressing an insider threat has no simple remedy, despite the technological advancements over the past two decades.
Digital Forensics Investigations
While there is no single clear-cut answer, digital forensics experts can provide organizations with a means to mitigate the damages, which can gravely affect the outcome from a breach of trust. By uncovering the digital footprints of the perpetrator, companies have a legally acceptable means to investigate and remediate the damages when an internal cybercrime has taken place.
Undetected theft of sensitive data and intellectual property often has the most significant impact on a company’s bottom line. In situations where an internal threat was detected and a former employee hacked an organization’s network, the threat of damage to the company can be so severe that the organization may be compelled to seek out emergency court orders, legally authorizing the investigating parties to gather all the evidence required from former employees' residences and offices of companies seeking to benefit from the stolen data, simultaneously, with no notice. Such civil search warrants are exceptional measures but do exist and are justified under the most severe conditions.
Sources of digital evidence can be found almost anywhere in today's workplace. Servers, laptops, desktops, portable drives and mobile phones hold a wealth of information for any investigation. These devices often unveil activities that have transpired for weeks or months on end. Consulting with an experienced digital forensics specialist can make a big difference in securing evidence necessary to recover from internal attacks. The best experts work in tandem with legal counsel and act swiftly in order to provide the greatest possibility for balancing the scales of justice and turning back the hands of time before the damage is irrevocable.
About the Author
Mr. Jason Conley is a Digital Forensics Examiner. Since 2003, Jason has been providing computer forensic services and cyber-investigation support to a wide array of clients including corporate directors & security management, legal departments & law firms, government agencies, private investigation firms, forensic accountants, and business owners & managers in the Greater Toronto Area and across Canada.