Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Cybersecurity
    • Cybersecurity
    • Networking

    UBS Rogue Trader Underscores Insider Threats Facing Enterprises

    Written by

    Fahmida Y. Rashid
    Published September 15, 2011
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      The arrest of a rogue stock trader at UBS, one of the world’s largest and most recognized banks, should serve as a wake-up call to all enterprises that many security threats actually come from inside their organization rather than from outside, according to several security experts.

      London police arrested a rogue trader with the Swiss bank Sept. 15. In a terse four-line statement, UBS said the trader is suspected of causing an estimated $2 billion loss due to unauthorized trades. While UBS has not named the trader, the Financial Times identified him as Kweku Adoboli, a director in European equity trading for the Zurich-based bank.

      “The matter is still being investigated, but UBS’s current estimate of the loss on the trades is in the range of USD 2 billion,” UBS said in the statement. No client positions appear to have been affected.

      The bank was working to “get to the bottom of the matter as quickly as possible, and would spare no effort to establish exactly what has happened,” UBS CEO Oswald Gr??bel wrote in an internal memo to staff, a copy of which was obtained by The Washington Post.

      The UBS incident echoes what cyber-security experts have been saying for a while now: insiders are among the biggest threats facing organizations.

      The “continued stress” of the current economic situation is “exacerbating” the potential for insider threats, Gregory Shannon, chief scientist at CERT, a federally funded research center at Carnegie Mellon University’s Software Engineering Institute, testified at a House Financial Services Financial Institutions and Consumer Credit subcommittee hearing on Sept. 14.

      The Department of Homeland Security even warned organizations in a security advisory earlier this month that Anonymous may try to subvert “ideologically dissatisfied, sympathetic employees” to the group’s cause. The collective recently took to Twitter to persuade employees to hand over information and access to enterprise networks, according to the Sept. 2 security advisory.

      Damages inflicted on financial firms by managers, sales staff and other non-technical personnel averaged about $800,000 per organizations, according to figures collected by Carnegie Mellon’s CERT Program.

      Organizations are “building walls” around the networks to keep malicious perpetrators out, but having difficulty defending against “potential menaces that are already on the inside of the fence,” Shannon said. Nearly half of all inside attackers at financial services firms conspired with outsiders, and a third worked with colleagues to commit cyber-crimes, according to Shannon. Employees have also stolen intellectual property and sabotaged systems.

      “The single takeaway from this news is a reminder that systems access, while being essential, needs to follow a ‘less is more’ policy,” Brian Anderson, chief marketing officer at BeyondTrust, told eWEEK. “Protecting the enterprise from those with the motive and privilege isn’t just a function of mission-critical servers–it should be incorporated in everything you do.”

      The potential for fraud depends on the amount of trust the employee has, John Rostern, managing director at Coalfire, told attendees at InfraGard Cyber-Defense Summit in New York City Sept. 14. The riskiest people are often high-level employees, those with “extraordinary access to assets,” Rostern said. Organizations have to recognize the riskiest people in the organization and monitor activity, such as performing regular background checks and ensuring they are not abusing their access-level rights, he added.

      “Trust but verify,” Rostern said, quoting the phrase made famous by former president Ronald Reagan.

      “Individuals with direct access to core processing centers may be in a position to steal intellectual property, insider information or data that can damage the reputation of the company,” Gordon Snow, assistant director at the Federal Bureau of Investigation, testified at the same hearing. Theft of intellectual property can cost businesses millions of dollars, as competitors can develop the product and reach the market first, or leak information about the company’s business and financial plans to rivals, Snow said.

      Fahmida Y. Rashid
      Fahmida Y. Rashid

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.