    Fighting Insider Threats Spotlighted at DEFCON Conference

    Written by Brian Prince
    Published July 16, 2010

      When insider data breaches hit, they hit hard.

      Just recently, a former senior database administrator for GEXA Energy was sentenced to a year in prison for illegally accessing, copying and damaging a customer database two months after he was fired. The act cost the company $100,000 in damages and former DBA Steven Jinwoo Kim his freedom.

      “The biggest driver we’ve seen for malicious insiders in the past 18 months has been the economic downturn,” said Jacob West, who is security research director at Fortify Software. “During a recession, engineers see layoffs left and right and begin to fear for their own job stability. This pressure can cause unethical insiders to plant backdoors, logic bombs or other nefarious code that they believe will allow them to steal funds, information or do other damage to the company from the outside in the event that they are laid off.”

      All this makes understanding the techniques malicious insiders use more important, and at the upcoming DEFCON 18 conference, West and fellow Fortify researcher Matias Madou plan to address the how and the why behind insider threats uncovered in actual software systems.

      “We studied 18 categories (of attacks) in total, ranging from leaking sensitive information outside of the company to disrupting the execution of the code designed to support business processes,” West said. “In general, we found short, dense code fragments that could be written in a couple of hours. However, our anecdotal conclusion is that many of these attacks took months of planning the strategy implemented by these relatively compact segments of code.”

      Most development organizations today make no effort to identify explicitly malicious code written by insiders, Madou added.

      “If the attack is not so obviously destructive that it is identified through typical quality and security assurance practices, then insiders may plant attacks that lie dormant in a codebase for some time,” he said. “You might find that piece of code by accident or when the exploit is carried out, but that’s a poor time to start the investigation.”

      “By intelligently abstracting malicious behavior into key indicators, we have been able to find multiple confirmed problems in real code bases,” West explained. “The key to an effective approach is still a process for reviewing and safeguarding against malicious insiders, but static analysis can and should be an integral part of that process.”

      Still, detecting insider threats through technology alone can be problematic. Administrators, after all, can often use their access privileges to hide their behavior. As a result, a mix of technical and non-technical solutions is needed.

      “From a technical perspective, we can deter malicious insiders by regularly informing developers that the company is actively looking for insider threats,” Madou said. “Non-technical prevention techniques should be tackled by HR and management. From a detection standpoint, the biggest advantage development organizations could give the [vendors] is sharing anonymized examples of the malicious code they do find so that we can continue improving detection capabilities to combat the insider threat problem.”

      DEFCON will run from July 30 to Aug. 1 in Las Vegas.
