Skip to main content

Insider attacks now more common than external hacks

Insider attack
(Image credit: Image source: Shutterstock/Andrea Danti)

Ever since the Covid-19 pandemic forced businesses to adopt remote working, insider threats have been more common than external attacks.

This is according to the 2020 Netwrix Cyber Threats report, based on a poll of more than 900 IT professionals, which states that four of the top six cybersecurity incidents are caused by employees: administration mistakes, sharing of sensitive data, cloud misconfiguration and intentional data theft.

To make matters even worse, it’s not just about making costly mistakes – it’s also about the speed at which they are spotted.

The report argues that insider incidents were “among the hardest” to detect; the theft of sensitive data takes weeks, sometimes months, to uncover and the same goes for improper data sharing and admin mistakes.

“In this age of remote work, the insider threat can’t go unaddressed. We cannot emphasize enough the importance of paying attention to how employees handle sensitive data and follow security policies,” said Ilia Sotnikov, VP of Product Management at Netwrix.

According to Sotnikov, businesses need to revisit the “founding principles of security". This means tracking user activity, automating change and auditing configuration, as well attaching alerts to potentially harmful actions.