Malicious Insiders

Cyber security threats to organisations do not always come from external sources. Those working for a company can also put that company at risk, whether that be intentional or not, malicious or non-malicious

Malicious insiders are those employed by a company who use their power as an insider to steal money or information. Their insider status often gives these hackers important knowledge of the company, such as how to access data, what information could be most valuable to steal or publish, and how to protect themselves from being caught. Having gained access to data, malicious insiders may also know what to do with the data to cause the most harm. 

Most malicious insiders fit into one of two broad categories. First is the most common type of malicious insider- the disgruntled employee. These individuals are those who have worked at a company for some time, and did not join the company with the intention to attack them. Instead, they have found themselves unhappy with their work situation, perhaps they feel that they have been treated badly or unfairly. Their attack may be further motivated by a change in their life, such as a sudden need for money or new family troubles. Where external issues come into play, employees may be more likely to want to gain revenge for their perceived troubles at work. 

The second type of malicious insider is the employee who takes a role within an organisation with the intention of causing damage through cyber attacks. This group of insiders might be motivated by political or ideological causes. In some cases, people are motivated by financial reasons and target the company to steal money. Where certain companies and organisations are concerned, malicious insiders may be working as part of a nation state group, taking the role at the company for this reason. 

Whether joining a job with malicious intentions or taking grievances out on a company which treats its employees unfairly, malicious insiders have advantages which other hackers may lack. By nature of them being insiders, these advantages make these attackers very real threats to any organisation.