Industry experts have given their views following reports that a former employee of Tesla was accused of hacking and transferring data to third-parties.
Gregg Petersen, Regional Sales Vice President, Middle East and Africa at Veeam, has discussed the importance of data protection and keeping data protected from insider threats and data loss.
He said: “Malicious attacks from employees may be less frequent than external attacks, however their damage potential can be just as catastrophic, if not more so. Those out to cause corporate sabotage are in a unique position as they will have authorised access to important data and will be able to do extensive research on what’s available, and if inclined what it’s worth to external groups.
“It will only take one of the third parties to use the data to get into the system for data and the entire business to be compromised, or for it to be used in a competitive way to gain insight into the wider business.
“As organisations migrate to hyper-availability where businesses are always on, it’s imperative that businesses think bigger and have an understanding of the data they hold, where it is located and who can access it.
“And while GDPR forces businesses to evaluate who has access to what data, little can currently be done to mitigate the risk posed by those legitimately authorised to access data sets but who have bad intentions. However, a move to behavioural-based data management from rigid policy-based data strategies, while not risk free, does mean that unusual requests have more chance of being flagged to administrators.
“Data management and protection, day or night, is a fundamental responsibility for businesses today, not just to its customers, but to its stakeholders and board. Not having the right protection in place could see an organisation suffer significantly. For one of the world’s most foremost innovators to fall foul of such sabotage should ring bells in businesses across the globe, for the outcomes of such breaches can spell long-term financial and reputational damage.”
Meanwhile, Thomas Richards, Associate Principal Consultant at Synopsys’ Software Integrity Group, said internal threats can produce a ‘great deal of damage’.
“To counter any internal threats, organisations should fully test all code and track employee changes based on a bug tracking system or changelog. This provides answers to questions such as ‘did the person carry out what was required to resolve the issue at hand?’” he said.
“Although companies need to inherently trust their employees, all work should still be monitored and verified before code can enter production. Any unnecessary or unusual access to code and resources should be investigated.
“All login attempts both successful and not successful should be monitored and reviewed for inconsistencies. Sensitive data including code or other organisational assets should also be protected and segmented from general access inside the environment. Additionally, workstation controls should be put in place to prevent employees from moving data onto removable media. Account creation and authorisation should be handled by a centralised group who will vet and verify requests for account creation and access.”
Thomas Nuth, Director at Nozomi Networks, said: “The recent allegations of internal sabotage from an employee of Tesla highlights the need for real time visibility and cybersecurity at all areas of critical operations.
“At Nozomi Networks we believe operational and cybervigilance is as important for managing internal threats as it is against external threats.”
Click below to share this article
