By Garret Crosier, Senior Systems Technician at Atom Creek
Do you love movies? I do.
Did you love Jurassic Park? I did (still do)
Without one guy the whole movie would not have worked or been very entertaining, this guy:
Dennis Nedry- Automation Technician- played by Wayne Knight
Could you imagine it, a movie where everything went fine?
The T-rex never gets out, the system never goes down?
That would be ideal in real life, right?
Fiction is fueled with bits of truth and these people do exist. Often, we find out these people work in our companies, and only after an effect of their actions is found, do we find out and have to take actions.
In IT we have a name for this kind of employee, a “Bad Actor” not for his portrayal in the film, but for his actions and intent.
For this, I would like to focus on internal “Bad Actors” in our organizations.
What is a Bad Actor?
“Bad actors” is a general term for entities (individuals, criminal enterprises, nation-states, etc.) who act to breach or use an IT system counter to the desire of its administration and owners. Their motivations include theft or stealth control of IT assets or even just plain misuse of resources.
If workers make the leap to becoming “Bad Actors”, the impact to an organization can be shocking, and potentially far more calamitous than the attempts of external threats. It is common to think of insider threats as being a risk due to malicious intent, but negligence and unintentional errors can be just as much, if not more, of a component.
On the other hand, intentional insider threats are on the rise according to recent industry news. These can be difficult to detect because these employees may have legitimate access and knowledge of the company’s security procedures and policies in place.
To further complicate the risks, an increasing number of businesses are taking the leap to place their data in the cloud where monitoring of user behavior and file access may be less rigorous or not yet in place. Staff being able to use personal mobile devices on the corporate network is also an area where organizations need to be increasingly vigilant.
6 Things to consider about Bad Actors:
- Not all bad actors are intentional- these actions can often be driven by a lack of understanding of technical knowledge.
- These actions can result from a failure to implement good Policies both from HR or IT. Like lest privilege, which limits access to only the very minimum access to what each user needs to perform their job/task.
- Often the intentional actions could have been caught or prevented with advanced firewalls and other security options (many of which or offered by Atom Creek)
- These actions can further be negated by networking controls, like disabling ports not actively in use by validated company equipment.
- Misuse of company equipment like desktops is common when users are allowed to be local administrators (allowing them to make changes and install software without approval) on the basis of “making things easier”.
- Awareness training can go a long way towards combating this, as well as making other users in your organization more aware of potential issues.
No matter your current security posture or plans inside bad actor threats intentional or not will exist at your business. Teaching your employees about the new and evolving threat environment including instituting common best practices, like the rules of least privilege, can both combat them and protect your business’s assets and reputation.
If you are worried about the risks of having any bad actor’s in your organization, or the potential risk to your business and reputation, we would like to work with you towards eliminating these risks. To help combat these bad actors or for any, IT concerns you may have contact Atom Creek today. We will help you identify the best solution, as well as work with you and your staff to implement it in your entire organization.