Perhaps one of the most important breaches which took place this month was Trend Micro’s insider threat.
According to the company:
In early August 2019, Trend Micro became aware that some of our consumer customers running our home security solution had been receiving scam calls by criminals impersonating Trend Micro support personnel. The information that the criminals reportedly possessed in these scam calls led us to suspect a coordinated attack.
Although we immediately launched a thorough investigation, it was not until the end of October 2019 that we were able to definitively conclude that it was an insider threat. A Trend Micro employee used fraudulent means to gain access to a customer support database that contained names, email addresses, Trend Micro support ticket numbers, and in some instances telephone numbers. There are no indications that any other information such as financial or credit payment information was involved, or that any data from our business or government customers was improperly accessed.
Our investigation revealed that this employee sold the stolen information to a currently unknown third-party malicious actor. We took swift action to contain the situation, including immediately disabling the unauthorized account access and terminating the employee in question, and we are continuing to work with law enforcement on an ongoing investigation.
Certainly the problem of insider threats can be very real and we have reported before the Mayor of Baltimore had to fire an insider who had hacking tools on his computer.
This is why it is crucial to consider using an outside company for your IT and cybersecurity. A qualified MSP or MSSP.
Can such a company have an insider breach as well? Yes. However, there are two reasons why outside firms can be safer.
Cybersecurity is built into what they do already. Assuming you pick the right firm, the business owners and management are aware of the potential for this to happen and put controls in place to minimize the risk.
Another solid reason is MSPs often swap out workers.
In fact, the best situation for a company using an MSP is to agree to have techs swapped from time-to-time.
The tech shouldn’t always be aware a change is coming.
The reason is, if there is something nefarious going on, it is tougher to cover your tracks if another tech is taking over for you at random times.
In the Trend Micro case – it is unclear if it was a tech worker who accessed and released the information but tech workers do have access to many corporate secrets and can be a major source of leaks. This is why it is crucial – if you are not outsourcing to ensure that multiple sets of eyes are involved in sensitive areas of the organization to reduce the chance of data theft.
For more information on how to stay secure, we welcome your inquiry.