About Those Insider Threat Security Systems

January 1, 2021

Fortinet published a report about insider threats. You can get a copy at this link. The document reveals the trends and challenges facing organizations from insider threats; that is, someone inside an organization helps a bad actor access off-limits systems and services. One statistic jumped out at me: About 70 percent of the companies in the 2019 survey “feel moderately to extremely vulnerable to insider attacks.”

What about 2020? The Hollywood trade publication Variety published “Ticketmaster Will Pay $10 Million Fine to Settle Federal Charges It Hacked Rival’s System.” Hollywood. Companies brokering tickets in the time of Covid. I learned:

Ticketmaster agreed to pay a $10 million criminal fine to avoid prosecution over charges that it illegally accessed systems of a startup rival to steal proprietary info in an attempt to “choke off” the smaller company’s business, federal authorities said.

How did Ticketmaster compromise the target? Hacking, crimeware as a service, Fancy Dan penetration testing tools?

The answer? Read it for yourself:

A former employee of ticketing firm CrowdSurge (which later merged with Songkick) who had joined Live Nation shared URLs with Ticketmaster employees that provided access to draft ticketing web pages that Songkick had built in an attempt to “steal back” one of Songkick’s top artist clients, federal prosecutors said. Ticketmaster, owned by Live Nation Entertainment, said in a statement that in 2017 it fired both Zeeshan Zaidi, former head of Ticketmaster’s artist services division, and the former CrowdSurge exec, Stephen Mead, “after their conduct came to light.”

How do AI infused insider trading systems work? It seems that hiring an employee from a company with interesting ways of dealing with former employees’ access rights is simple.

Companies create their own insider threat issues. No software smart or dumb can prevent problems caused by lazy, incompetent, or distracted organizations’ staff.

Stephen E Arnold, January 1, 2021

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta