Whiteants and Morons, insider threats.

Where I come from in the Northern Territory of Australia. There are termite "White-ant" mounds all over the bush, I remember growing up seeing these massive structures which if you ever got close enough too were so impressive it was hard to believe they were built by ants.

As a kid I'd try and open up bits but they were rock solid to my feeble efforts.

It was only when the inside cracked after a storm or some really motivated bush bashing creature from the Aussie outback had a crack that you could compromise the security and safety of the angry little ants inside.

A termite mound then has some similarities with a Fortune 500 company, resistant to external threats, concentrated on continual growth and optimising efficiency. They're built by a colony focused on progress.

What they also have in common is white-ants, only with the termite mounds in the bush, they're expected, that's their job. In corporate world, white-ants can mean there is an existential threat to the survival of the organisation.

The threats to an individuals integrity that come from personal data leaks are not just a breach of their own privacy they’re the first step towards motivated actors working up or developing that breached individual as an insider threat.

They can transform unsuspecting individuals into the puppets needed by motivated actors turning them against their own organisations, leading to potentially devastating financial consequences for the individual and the company.?

The escalation from a simple data leak to becoming an unintentional accomplice in harming your organisation underscores the critical need for senior leadership to maintain vigilance from an organisational risk management perspective.

The Hidden Dangers of Personal Data Leaks

The fuse once lit is hard to extinguish, this is where the old saying of "an ounce of prevention beats a pound of cure" once the leak published it is now a ticking time bomb.

Cybercriminals exploit information to gain unauthorised access to more secure systems, including those of an employer. This unauthorised access can lead to data breaches, financial loss, and damage to the organisation's reputation.?All for the gain of the criminal working through their new puppet.

In such scenarios, without their knowledge, an individual's compromised identity becomes the digital back door.

5 Tools you can give your staff to immediately background themselves.

Essential Tools to Check for Data Leaks

To mitigate these risks, individuals can proactively check if their data has been compromised and then take the necessary steps to mitigate their own issues.

1. Have I Been Pwned: This widely recognised website allows users to check if their email addresses or passwords have been exposed in data breaches. It's an excellent first step in assessing your vulnerability. https://haveibeenpwned.com/

2. Mozilla Monitor: Leveraging the database of Have I Been Pwned, Firefox Monitor provides alerts if your email has been part of a data breach, integrating seamlessly with the Firefox web browser for continuous monitoring.

https://monitor.mozilla.org/

3. SpyCloud: Focusing on preventing account takeovers, SpyCloud helps identify exposed employee or customer data, acting as a preemptive measure against unauthorised account access. https://spycloud.com/why-spycloud/

4. DeHashed: As a security search engine, DeHashed allows users to search for leaked personal information, including email addresses, usernames, and passwords, providing a comprehensive overview of one's exposure.

https://www.dehashed.com/

5. Scattered Secrets: This platform is a password breach notification service that lets users search for compromised passwords and emails, helping individuals and organizations strengthen their security posture.

https://scatteredsecrets.com/

The Impact of Being an “Ignoramous”

Ignorance is not an excuse provision.

You are responsible.

The impact of being transformed into an insider threat due to personal data leaks can have far-reaching implications. Financially, it can lead to loss of trust, job termination, and legal consequences for you as an individual, (how’s that job at Woolies looking?) aside from the direct financial damage to the organisation.?

The psychological burden on you of being associated with a data breach, even unknowingly, can also not be understated.

It’s a real fear of mine that I somehow unwittingly bring about my own demise through ignorance, as it should be for those who recognise they have a knowledge debt they need to pay off, learn and do what you can to prevent anything of this kind occurring.

I wanted to try and find a contemporary story to bring home the message.

Finding a specific, publicly documented case study of an employee whose data was leaked and then was coerced into carrying out corporate espionage presents a challenge though due to the sensitive nature of such incidents.?

While a direct case might not be accessible, the story of Harold T. Martin III offers insights into the complexities surrounding data security, personal vulnerabilities, and their implications for national security.

Background:

Harold T. Martin III was a contractor for the National Security Agency (NSA) who, over a period of two decades, accumulated a vast amount of classified material. In 2016, he was arrested for removing highly classified information and storing it in his home and car.?

The Breach:

Over 10 to 20 years, his practices went against the grain (a minor understatement) for removing information from secure systems. While Martin was not by all accounts directly blackmailed into espionage due to a data leak, his case highlights how personal vulnerabilities can lead to unauthorised data removal and potential exploitation.

Implications:

The incident underscores the risk that personal behaviors and vulnerabilities pose to corporate and national security. If such collected data had been leaked or if Martin had been coerced or blackmailed by a foreign entity leveraging personal information against him, it could have resulted in espionage. The breach also spotlighted the need for stringent security measures and monitoring within organisations to prevent unauthorized data access and removal.

Summary and Lessons Learned

Individuals with access to sensitive information can become compromised and complicit with data breaches, intentionally or unintentionally. Organisations need to assess personal vulnerabilities when granting access to classified or sensitive data.

Data Access Control (silo or compartmentalise) to only what is necessary for an individual's role as well as implementing strict monitoring can minimise the risk of unauthorised data exfiltration.

Inhouse and externally provided training programs that emphasise security awareness can help employees recognise potential threats and understand the importance of safeguarding personal and organisational data.

Have an Incident Response Plan! As a leader you must have robust incident response plans to quickly address and mitigate the impact of data breaches, including potential insider threats. It’s the old "If Then" thinking and being prepared with a set of actions on in the event the worst does happen.

This case of Martin’s serves as a cautionary tale to proactively protect against insider threats.

Was he an “Ignoramous” (most certainly in the end) or was he a “Whiteant”??

Either way, his case highlights the complexity of insider threats, demonstrating such risks can arise not only from malicious intent but also from individual psychological issues or compulsive behaviors that lead to unauthorised handling of sensitive information.

Harold T. Martin III - Links

https://www.cyberpolicy.com/cybersecurity-education/harold-t-martin-the-nsa-contractor-who-stole-too-much

https://www.justice.gov/opa/pr/former-government-contractor-sentenced-nine-years-federal-prison-willful-retention-national

https://en.wikipedia.org/wiki/Harold_T._Martin