Insider Threats: Yep, a Problem for Cyber Security Systems

August 20, 2020

The number of cyber threat, security, alerting, and pentesting services is interesting. Cyber security investments have helped cultivate an amazing number of companies. DarkCyber’s research team has a difficult time keeping up with startups, new studies about threats, and systems which are allegedly one step ahead of bad actors. Against this context, two news stories caught our attention. It is too soon to determine if these reports are spot on, but each is interesting.

The first report appeared in Time Magazine’s story “Former CIA Officer Charged With Giving China Classified Information.” China is in the news, and this article reveals that China is or was inside two US government agencies. The story is about what insiders can do when they gather information and pass it to hostile third parties. The problem with insiders is that detecting improper behavior is difficult. There are cyber security firms which assert that their systems can detect these individuals’ actions. If the Time article is accurate, perhaps the US government should avail itself of such a system. Oh, right. The US government has invested in such systems. Time Magazine, at least in my opinion, did not explore what cyber security steps were in place. Maybe a follow up article will address this topic?

The second news item concerns a loss of health related personally identifiable information. The data breach is described in “Medical Data of Auto Accident Victims Exposed Online.” The security misstep allowed a bad actor to abscond with 2.5 million health records. The company responsible for the data loss is a firm engaged in artificial intelligence. The article explains that a PII health record can fetch hundreds of dollars when sold on “the Dark Web.” There is scant information about the security systems in place at this firm. That information strikes me as important.

Several questions come to mind:

  • What cyber security systems were in place and operating when these breaches took place?
  • Why did these systems fail?
  • Are security procedures out of step with what bad actors are actually doing?
  • What systemic issues exist to create what appear to be quite serious lapses?

DarkCyber does not have answers to these questions. DarkCyber is becoming increasingly less confident in richly funded, over-hyped, and ever fancier smart security systems. Maybe these whizzy new solutions just don’t work?

Stephen E Arnold, August 20, 2020

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta