Cyber incidents commonly attributed to the “human factor” are usually linked to accidental mistakes made by employees. However, another important element often overlooked is the deliberate malicious behavior of employees. A new study conducted by the Russian research center Kaspersky found that over the past two years, 78% of companies in the Middle East and Africa faced various forms of cyber incidents, with 23% of these incidents in the region resulting from deliberate malicious acts by employees.
Generally, internal cyber threats are divided into two main types: unintentional and deliberate. Unintentional threats or accidental errors are mistakes made by employees unintentionally, such as falling victim to phishing and other social engineering tricks, or sending sensitive and confidential information to the wrong person, etc.
In contrast, deliberate threats are committed by malicious internal employees who intentionally breach their employers’ systems, often for financial gain by selling sensitive data or out of revenge. Their goal is to disrupt or halt the regular business operations of their companies, expose technical vulnerabilities, and obtain confidential information.
Employees with malicious intent are the most dangerous among all employees who might cause cyber incidents. The threats posed by their actions are exacerbated by several factors:
– Internal employees have detailed knowledge of their company’s infrastructure and operations, including understanding the information security tools used in the company.
– Employees do not need to breach the company’s network, as they are already inside it and do not need to use phishing attacks, firewall breaches, or other methods to penetrate the company’s system from the outside.
– Employees have colleagues and friends within the company, making it easier for them to use social engineering tricks, and strong motivations drive employees with malicious intent to harm their company.
– Financial gain is one of the main reasons that drive employees to commit malicious acts against their employer. This often means stealing sensitive information to “Internal employees do not need to breach the company’s network, as they are already within it. They don’t require phishing attacks, firewall breaches, or other external penetration methods.
Employees have colleagues and friends inside the company, making it easier to use social engineering tricks, and strong motivations drive those with malicious intentions.
Financial gain is a key reason driving employees to act maliciously against their employer, often involving stealing sensitive information for sale to external parties like competitors or on the dark web.
Disgruntled employees may act maliciously out of revenge, perhaps exploiting relationships with other employees.
A significant risk arises if a terminated employee retains remote work login credentials because the company failed to revoke system access.
Employees may act maliciously when dissatisfied with their jobs or ‘to get even’ with an employer who didn’t grant expected salary raises or promotions.
Another distinct malicious act occurs when one or more employees collaborate with an external entity to breach a company. Often, these incidents involve cybercriminals recruiting one or more employees to conduct various attacks. There are also cases where external parties, like competitors or other interested parties, collaborate with employees to acquire a company’s sensitive data.”