Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • Database
    • Networking

    Network Admin Arrest Puts Spotlight on Insider Threats

    Written by

    Brian Prince
    Published July 17, 2008
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      When reports of a disgruntled network administrator locking his co-workers out of San Francisco’s new FiberWAN first touched my ears, the first thought that raced through my head-besides the word “wow”-was that this was a clear example of how an insider can potentially bring IT operations to a screeching halt.

      Terry Childs, 43, pleaded not guilty today, July 17, to four counts of computer tampering. His arrest earlier this week set off both an explosion of media coverage and discussions about the importance of keeping an eye on the people keeping an eye on corporate networks.

      But the difficult thing about discussing insider breaches is getting a grasp on just how much of a threat they actually are. For example, a CA-sponsored study conducted by The Strategic Counsel and released today reported that 44 percent of the 500 respondents identified internal breaches as a key security challenge over the 12 months preceding the survey-up from 42 percent in 2006 and just 15 percent in 2003.

      Conversely, the number of respondents reporting virus attacks in the 2006 and 2008 surveys decreased from 68 percent to 59 percent, network attacks from 50 percent to 40 percent, and denial-of-service attacks from 40 percent to 26 percent.

      “The potential aftershocks of an internal breach have the attention of both the business and the IT organization. And for enterprise organizations the priority has now shifted from reactive to proactive security strategies to deal with this threat,” Lina Liberti, vice president of CA Security Management, said in a statement.

      However, The Strategic Counsel study flies in the face of a report released in June by Verizon. According to the study (PDF), only about 18 percent of the more than 500 forensics engagements handled by the Verizon Business Investigative Response team from 2004 to 2007 were due to insider breaches. Some 73 percent were due to external threats, and the rest came from business partners.

      Still, the median size of confidential records revealed in insider breaches was roughly 10 times larger than in the case of external breaches covered by the Verizon study.

      “We have an old tradition in the IT industry of using trust in the administration of systems,” said Jeff Nielsen, senior product manager at Symark International. “It most likely developed over the years from operating systems like Unix where there is an all-powerful super user account root and there may not have been tools available to manage access to [the] root. So we had to trust our administrators to do the right thing. In most cases they do, but it’s the one guy that goes amok that creates huge problems.

      “Mr. Childs, if he did what he is accused of doing, is just the latest in a series,” Nielsen continued. “We tend to forget the Societe General, Tenet Healthcare and Barings Bank incidents when they become old news.”

      True enough. A look at the chronology of data breaches provided by the Privacy Rights Clearinghouse does show a number of incidents of employees stealing or improperly exposing confidential information-as well a litany of lost laptops and other devices. And of course, there are also numerous mentions of hacks.

      “The best practice is to trust but verify,” said Yama Habibzai, senior director at Netcordia, a provider of network management tools. “There needs to be some level of trust within the organization, but the organization needs to have the tools in place to verify that employees touching the network are making accurate and approved changes.”

      Brian Prince
      Brian Prince

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×