Three Types of Cybercrime and How to Protect Your Organization
By Troy Kitch-Oracle on Mar 29, 2011
Malicious insiders can be motivated by financial problems, greed, revenge, the desire to obtain a business advantage, or the wish to impress a new employer. According to the CERT 2011 Cyber Crime Watch Results the most common insider electronic crimes fall into three categories: IT sabotage, fraud, or theft of intellectual property (IP). Categorized as a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, a "malicious insider" intentionally exceeds or misuses their access in a manner that negatively affects the confidentiality, integrity or availability of an organization's information or information systems.
IT sabotage characterizes those who are former employees at technical levels within the organization who had access to systems with the intention of harming a specific individual, the organization, or the organization's data, systems, and/or daily business operations.
Fraud is carried out with the intention of stealing or modifying employer confidential or proprietary information for financial gain. Fraud is typically carried out by current employees at non-technical and low-level positions with access to confidential or sensitive information and who are targeting personally identifiable information or customer information.
Theft of IP is the intention of stealing confidential or proprietary information from the organization and using it as a business advantage. These are generally current employees at technical (scientists, programmers and engineers) or sales positions who may feel they have ownership to the intellectual property or customer information.
Enterprises need to consider a defense in depth strategy to protect against these types of cybercrimes and, in particular, safeguard their data at the source - in their databases. A systematic plan includes database activity monitoring and blocking, privileged user and multi-factor access control, data classification, transparent data encryption, consolidated auditing and reporting, secure configuration management and data masking.
You can learn more about cybercrime, insider threats and the solutions to help secure your data and database infrastructure here.