Tag Archive for: Insider

Russian tech tycoon heads to trial in Boston over alleged insider trading and hacking scheme

/in


Between 2018 and 2020, prosecutors allege, Klyushin and his co-conspirators viewed the earnings reports of dozens of companies — including Tesla, Hubspot, Datadog, and Snap — before they were made public, and used that information to make stock trades that led to millions of dollars in illegal profits.

“This is sort of like insider trading on steroids,” said attorney Robert Fisher, a former federal prosecutor, adding that insider trading cases generally involve information related to one company or a sliver of an industry. Hacking into a vendor with access to multiple companies is rarer and much more lucrative, he said; an SEC complaint filed in federal court in Boston alleges the conspirators raked in $82.5 million.

Now, Klyushin, a married father of five, is set to go to trial Monday in federal court in Boston on charges of conspiracy, wire fraud, unauthorized access to computers, and securities fraud, in a case that will be closely watched in diplomatic circles in the United States and Russia, according to legal experts. Klyushin owns a Moscow-based technology company, M-13, that provides media monitoring and cybersecurity testing for private and public entities, including the Russian Federation, and has “significant ties to the Russian government, and, more specifically, to parts of the Russian government engaged in defense and counter-espionage,” prosecutors said in court filings.

In response to defense concerns about whether Klyushin will receive a fair trial, US District Judge Patti B. Saris has agreed to question potential jurors about whether they feel any bias toward Russian nationals, but rejected a request to ask them about their feelings on the war in Ukraine. She also ruled that prosecutors may not mention Putin’s name during the trial.

Klyushin was first arrested in March 2021 after he arrived via a chartered jet in Switzerland, where a helicopter was waiting on the tarmac to whisk him and his family to a nearby luxury ski resort for a planned vacation. Local police swooped in at the request of US authorities. His codefendants were in Russia, a country with no extradition treaty with the United States; Swiss authorities extradited Klyushin to the United…

Source…

The 5-Question Test to Assess Your Readiness to Manage Insider Threats

/in


An insider threat is a cyber security risk that originates from within any organization that is being targeted by attackers. Often, insider threats involve a current or former employee, or business associate, who has access to sensitive information or privileged accounts, and who misuses this access. Sometimes it is an outside attacker who gains credentialed access and waits for the right time to strike. In both cases, traditional security measures tend to focus on external threats and are not always capable of identifying an internal threat from inside the organization.

A paper written by Forrester Research in late 2021, Insider Threats Drive Data Protection Improvements, revealed that 58 percent of sensitive data security incidents are caused by insider threats. This report highlighted that nearly a third (31 percent) of firms surveyed do not believe insiders are a substantial threat, and suggests this is a principal reason why insider threats make up such a high proportion of security incidents.

While company leadership teams acknowledge that insider threats pose some risks, they don’t generate the level of urgency required to manage this risk effectively. This failure has a cascading effect; fewer than 30 percent of firms surveyed say they have an insider risk management strategy or policy. It is understandable that many organizations focus on perimeter and endpoint, first. Strong network and endpoint security, combined with vulnerability management lifecycle toolsets and a mature security operations center, are key to reducing overall risk. However, with insider events occurring more often than external, according to the report (58 percent vs. 41 percent), a more effective data security strategy vis-a-vis insider threats is needed.

There are steps organizations can take immediately that will mitigate some of the risk posed by insider threats. Some are straightforward, others will require some planning (not to mention board, team, and/or departmental buy-in). Take this five-question test to find out how well you currently manage insider threats.

1. Do you use multi-factor authentication (MFA)?

Multi-factor authentication cross-verifies privileged users with two different…

Source…

Insider threats cost organisations $15.4 million annually — Proofpoint

/in


Insider threats cost organisations $15.4 million annually — Proofpoint image

Frequency increased by almost half over the past two years, according to the study.

Research released today by Proofpoint has revealed that organisations impacted by insider threats spent an average of $15.4 million annually, up 34% from 2020

According to the 2022 Cost of Insider Threats Global Report from enterprise security provider Proofpoint, alongside Ponemon Institute, it took organisations an average of 85 days to contain each incident.

Over the last two years, frequency of insider threats has increased by 44%, according to Proofpoint, with three identified categories consisting of:

  • careless or negligent employees/contractors (56% of incidents);
  • criminal or malicious insiders (26%);
  • cyber criminal credential theft (18%).

67% of surveyed companies experienced between 21 and more than 40 incidents per year, up from 60% in 2020.

Incidents caused by malicious or criminal insiders cost organisations an average of $648,062, while negligent insiders cost companies $484,931 per incident.

Negligence, according to the study, could include not ensuring devices are secured, not following the company’s security policy, or forgetting to patch and upgrade, among other factors.

Meanwhile, criminal insiders use data access, which has increased for the purpose of enhanced productivity, for harmful, unethical, or illegal activities.

Credential theft incidents have almost doubled since the last study, and prove the costliest to remediate with an average of $804,997 per incident.

Addressing insider threats: how board members can maintain cyber security

Paul Stark, general manager, UK at OnBoard, discusses how board members can address insider threats by maintaining cyber security. Read here

“Months of sustained remote and hybrid working leading up to “The Great Resignation” has resulted in an increased risk around insider threat incidents, as people leave organisations and take data with them,” said Ryan Kalember, executive vice-president of cyber security strategy at Proofpoint.

“In addition, organisational insiders, including employees, contractors, and third-party vendors, are an…

Source…

Insider Q&A: Internet guardian Ron Deibert of Citizen Lab

/in


By FRANK BAJAK

BOSTON (AP) — The internet watchdog Citizen Lab has been remarkably effective in calling to account governments and private sector firms that use information technology to put people in peril.

Its digital sleuths at the University of Toronto’s Munk School of Global Affairs are best known for exposing abusive targeted espionage, particularly through the use of . Its Pegasus tool has been used to hack and surveil dozens of journalists, human rights activists and dissidents globally. In November, the U.S. government and and notified Pegasus victims.

Citizen Lab’s work elsewhere is less known. It exposes digital espionage campaigns and insecure software, most recently for athletes, journalists and other foreigners attending the Winter Olympics.

The Associated Press recently spoke with Citizen Lab’s director, . The interview has been edited for length and clarity.

Q: You founded Citizen Lab in 2001. How did that happen?

A: I was doing work on how intelligence agencies use satellite reconnaissance technology for arms control verification. It exposed me to a world that I didn’t even know existed. I saw the mixture of tools being used to gather electronic evidence and wondered why something like that could not be done in the public interest, on behalf of journalists, NGOs, and human rights activists. And what better place to do such evidence-based research – alongside people with technical skills I didn’t have — than at a university? This was all in the back of my mind when the Ford Foundation reached out to see if I was interested in a project on information tech and international security. So I pitched the lab as “counterintelligence for global civil society.” It was hubris at the time. I had no case to make such a claim. But here we are many years later, fulfilling that role.

Q: What do you consider Citizen Lab’s greatest contributions? And is it growing?

A: I think the greatest thing we’ve done is develop a reputation for research that is highly credible, methodical and unbiased. We go where the evidence leads us and are beholden to no one. I have been able to surround myself with very talented, highly ethical people most of whom could be…

Source…