You are here: Home » 2024 » October » Archives for 18th

The Enemy Within: Navigating the Evolving Landscape of Insider Threats

DUBAI, UAE, Oct. 18, 2024 (GLOBE NEWSWIRE) — In today's interconnected digital world, organizations face a multitude of cybersecurity challenges, with insider threats posing a significant risk. These threats, whether malicious or unintentional, pose a significant risk to organizations of all sizes and industries.

The Evolving Nature of Insider Threats

Traditionally, insider threats were often disgruntled employees or those motivated by personal gain. However, the landscape has shifted. State–sponsored actors, and sophisticated hacking groups are now actively planting threat actors inside of target organizations. This new breed of insider threat is patient, highly skilled, and often backed by substantial resources.

Recently, KnowBe4 inadvertently hired a North Korean threat actor who attempted to infiltrate the organization by posing as a software engineer. Thanks to our strong security protocols and the vigilance of the InfoSec team, they were exposed within 25 minutes of showing suspicious activities during onboarding, preventing any unauthorized access to systems.

Incidents like these underscore a well–known and widespread tactic employed by North Korean threat actors. This was confirmed later when we shared the collected data with the FBI and cybersecurity experts at Mandiant. It's a reminder that in cybersecurity, information sharing is crucial.

Other recent incidents across various industries have also highlighted this growing trend. Organizations have found themselves unknowingly hiring individuals with malicious intent. These threat actors often pose as legitimate job seekers, using stolen or fabricated identities, and leveraging advanced technologies like AI to create convincing personas.

The Modern Insider Threat

Today's insider threats are mostly characterized by:

  • Sophisticated Identity Theft: Using stolen identities complete with verifiable background information.
  • Advanced Technology: Employing AI–generated images and deep fake technology to bypass visual verifications.
  • Social Engineering: Expertly navigating interview processes and social interactions within the organization.
  • Technical Skills: Possessing genuine skills to perform job functions while covertly pursuing malicious objectives.
  • Patience and Persistence: Willing to invest significant time to gain trust and access within an organization.

The Stakes Are Higher Than Ever

The potential damage from insider threats extends far beyond data breaches or financial losses. These threat actors can:

  • Exfiltrate sensitive data
  • Sabotage critical infrastructure
  • Manipulate financial systems
  • Compromise national security
  • Damage brand reputation and erode customer trust

Mitigating Insider Threats

To combat this evolving threat, organizations must adopt a multi–faceted approach:

  • Enhanced Vetting Processes: Implement rigorous background checks, including cross–referencing multiple sources.
  • Continuous Monitoring: Employ advanced behavioral analytics and anomaly detection systems.
  • Zero Trust Mindset: Adopt a “never trust, always verify” approach to access control.
  • Security Awareness Training: Educate all employees about the signs of insider threats and reporting suspicious behavior.
  • Regular Security Audits: Conduct frequent assessments of access privileges and system vulnerabilities.
  • Incident Response Planning: Develop and regularly test plans for quickly containing potential insider threats.
  • Cross–Departmental Collaboration: Foster close cooperation between HR, IT, and security teams to create a unified defense.

The Path Forward

As insider threats evolve, organizations must adopt a holistic strategy combining technology with human vigilance. Building a culture of security awareness is crucial, empowering employees to act as human firewalls. Information sharing within industries and with law enforcement is vital, as collaboration is key to combating these sophisticated threats. 

Conclusion

The fight against insider threats is an ongoing process of adaptation, learning, and vigilance. In this new era of cybersecurity, our greatest assets are our people, our processes, and our willingness to evolve. By harnessing these strengths, we can create resilient organizations capable of withstanding the threats that lie within.

To learn more about how you can protect your organization, read the KnowBe4 whitepaper on the topic here.

By Dr. Martin J. Kraemer, Cybersecurity Awareness Advocate at KnowBe4


GLOBENEWSWIRE (Distribution ID 9258231)

A Pact for the World’s Poorest

Deodat Maharaj, Managing Director of the United Nations Technology Bank for Least Developed Countries

Deodat Maharaj,
Managing Director of the United Nations Technology Bank for Least Developed Countries

By Deodat Maharaj
UNITED NATIONS, Oct 18 2024 – Last month, world leaders gathered at the time of the UN General Assembly in New York and agreed on a pioneering Pact for the Future. This global accord has implications across a broad range of issues that affect every country. It offers much hope for the poorest and most vulnerable countries on the planet, known as Least Developed Countries (LDCs).

The world’s 45 LDCs are home to a billion people who face systemic underdevelopment marked by poverty, inadequate health systems, poor infrastructure and limited access to education and technology.

While some progress has been made during the last decade, less than a fifth of the Sustainable Development Goals (SDGs) are on track to be met. For example, only around 60% of children in least developed countries complete primary school despite improving literacy rates across the globe. Healthcare disparities are also stark, with maternal mortality rates averaging 430 deaths per 100,000 live births in low-income countries compared to 13 per 100,000 in wealthier nations.

The Pact for the Future, along with its two annexes, the Global Digital Compact and the Declaration on Future Generations, offers an inclusive roadmap aimed at accelerating progress towards the SDGs. By also leveraging advancements in science, technology and innovation, the framework seeks to dislodge decades of stagnation and inequality.

Bridging the massive digital divide, which is most pronounced in poor and indebted countries, will be critical for accelerated progress. Only 36 percent of people in LDCs are connected online, and buying a smartphone costs 95 percent of an average monthly income. In general, low-income countries also have a lower level of educational attainment and fewer trained professionals in science, technology, engineering and mathematics.

The Pact for the Future outlines several key commitments: On digital cooperation, the Global Digital Compact presents targeted actions for a safer, more inclusive, more equitable digital world by closing the digital divide and expanding inclusion in the digital economy.

On sustainable development and financing for development, the Pact reaffirms the 2030 Agenda and places the eradication of poverty at the centre of efforts to achieve it. Amongst the proposed actions, it pledges to close the SDG financing gap and strengthen efforts to address climate change, which is disproportionately impacting LDCs.

On financial reform, the Pact seeks an overhaul of global financial systems, including by granting developing countries a greater voice in decision-making. It seeks to mobilize additional financing for the SDGs and generally making finance more readily available. The Pact also addresses the unsustainable debt burdens of many LDCs.

This novel Pact for the Future has the potential to give a push to the development agenda across the developing world, but especially so in LDCs. However, for success, there are some prerequisites. Firstly, there is the matter of financing.  It is good to see the welcome emphasis on boosting financing for developing countries and making it more accessible.  With finance, the possibilities are unlimited. Without finance, progress will once more be stymied. Therefore, the international community must match words with action.

Secondly, the role of business as an essential partner is key. A government-centric approach on its own cannot and will not work. More specifically, there must be attention to the micro, small and medium-scale enterprises sector, which accounts for the majority of businesses and generates the bulk of employment in most developing countries. Systematic support for digitalisation, innovation and the application of technology to this sector will create jobs and opportunities whilst boosting inclusive growth.

Thirdly, multilateralism is vital. The Pact for the Future has enormous potential, with the power to materially shift the dial for least-developed countries. However, it will require international cooperation, sustained political will and strong accountability mechanisms. If realised, this bold initiative could become the catalyst for new technological investments that can help shape an equally bold future for the world’s poorest.

At its core, the UN’s Pact for the Future is a blueprint for renewed cooperation in a fragmented world and offers much hope. There may not be another such opportunity. Let us seize the moment.

Note: Deodat Maharaj is the Managing Director of the United Nations Technology Bank for Least Developed Countries and can be contacted at: Deodat.Maharaj@un.org

IPS UN Bureau Report

 


!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?’http’:’https’;if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+’://platform.twitter.com/widgets.js’;fjs.parentNode.insertBefore(js,fjs);}}(document, ‘script’, ‘twitter-wjs’);