Insider Threat News: Two Interesting Situations at Two Sophisticated Companies
March 21, 2022
As you may know, I enjoy pointing out that some big buck cyber security systems struggle with insider threats. Isn’t it easier to put the words “detect and prevent insider threats” on a marketing slide deck than implement the service?
Two events may serve to remind those who wonder about the risks insider threats pose.
First, “Microsoft Investigating Claim of Breach by Extortion Gang” explains that a bad actor entity advertised for insiders. This quote is from the cited article:
We recruit employees/insider at the following!!!! Apple, IBM, and Microsoft. TO NOTE: WE ARE NOT LOOKING FOR DATA, WE ARE LOOKING FOR THE EMPLOYEE TO PROVIDE US A VPN OR CITRIX TO THE NETWORK, or some anydesk.
If accurate, this group (LAPSUS$) is clear about the why and what it wants. The article alleges that Microsoft is beavering away to determine if its systems have been breached. Don’t the Softies use Defender and other MSFT cyber defense services? Yeah, well.
Second, Apple made headlines because an insider spoofed Apple’s security to the tune of an alleged $10 million. “Former Apple Employee Charged with $10M Fraud” reports:
… Prosecutors allege that while Prasad negotiated with suppliers and entered invoices into the purchasing system, he was conspiring to take kickbacks, using false repair orders to steal parts, and paying for goods and services never received using Apple’s money. The charges go on to allege tax evasion, wire and mail fraud, defrauding the United States, and money laundering, noting that Prasad was fired from Apple in December 2018 after a decade of employment.
How about those internal security and auditing business processes? Apple cares about privacy and security is the firm’s assertion. Again: Marketing is easier than preventing an insider threat.
Why am I bringing up a subject which is not discussed in the specific context of expensive cyber security systems? I offer these examples to make clear that what a cyber outfit says and what its products and services do are less reliable than a decade-old AvtoVAZ LADA. If you are not familiar with these vehicles, try to find one to drive on a long road trip through the Rocky Mountains. No LADA? Go for a Renault.
Stephen E Arnold, March 21, 2022