http://www.darkreading.com/insiderthreat/security/perimeter/showArticle.jhtml?articleID=228200983 By Robert Lemos Contributing Writer DarkReading Nov 15, 2010 For 19 months, an employee at Johns Hopkins Hospital allegedly stole patients' identities, feeding the information to four outsiders who used the data to charge more than $600,000 in goods on store credit. Jasmine Amber Smith, 25, has been charged with using her inside access to fuel the identity theft ring. Employees working with cybercriminals might not be the norm for security breaches, but it's not a rare crime, either, experts say. It's not unusual for cybercriminals to gain inside access through bribery and solicitation -- two components of social engineering, according to Verizon Business' Data Breach Investigations Report. Social engineering accounted for 28 percent of breaches analyzed in the report, with solicitation and bribery leading to nearly a third of those breaches. "These were scenarios in which someone outside the organization conspired with an insider to engage in illegal behavior," the report says. "They recruit, or even place, insiders in a position to embezzle or skim monetary assets and data, usually in return for some cut of the score." While stolen data can cause public relations headaches and lose the goodwill of customers, a company's customer data may not be its most valuable asset. Companies' proprietary knowledge and corporate secrets -- such as business plans, trade secrets, and sales forecasts -- are, on average, twice as valuable, according to a March 2010 report by analyst firm Forrester Research (PDF). Yet the loss of such data is usually not reported, experts say. [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Mon Nov 15 2010 - 22:13:14 PST
This archive was generated by hypermail 2.2.0 : Mon Nov 15 2010 - 22:20:26 PST