Brian Jackson - Fotolia

Ofcom data breach highlights insider threat

That a former employee of communications regulator Ofcom stole data should act as a warning about the insider threat in every organisation, say experts

Security Editor

UK communications regulator Ofcom has revealed that a former employee offered stolen – commercially sensitive – information to his new employer, highlighting the insider threat.

Download this free guide

3 key web security guidelines from FS-ISAC

We address the ongoing issues regarding web security for businesses relying on an online presence. Download this e-guide and discover how to identify and address overlooked web security vulnerabilities as well as why you should look at the full security development lifecycle to reduce web threats.

Corporate E-mail Address:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

The man’s new employer, a major broadcaster, declined the offer and alerted Ofcom that its former employee had downloaded up to six years’ worth of data while still at the regulator, according to the Guardian.

The data had been provided by TV broadcasters to Ofcom and could have been used by rivals to gain a competitive edge.

Ofcom has alerted all the TV companies that were affected by the breach – the biggest known breach in the regulator’s history.

“This was a breach of the former employee’s statutory duty under the Communications Act and a breach of the contract with Ofcom,” the regulator said in a statement.

“Ofcom takes the protection of data extremely seriously, and we are very disappointed that a former employee has chosen to act in this manner,” the regulator said, adding that the extent of the disclosure had been “limited” and “contained”.

Secuity industry commentators say the breach underlines the need for organisations to take seriously the threat of insiders wittingly or unwittingly leaking commercially sensitive data.

“Spotting cyber security incidents that arise from within a company can be particularly tricky, as the perpetrator may have legitimate access to sensitive data,” said Luke Brown, vice-president and general manager for Europe at security firm Digital Guardian.

“This breach shows that regardless of any defensive perimeter security, without taking steps to secure the data itself organisations can still fall victim of a significant data breach.”

Measures to contain misuse

According to Brown, one answer is data-aware security technology which, in the case of Ofcom, could have prevented – or, at the very least, recorded – the employee downloading and copying sensitive data without approval or permission.

“This news should act as a warning to other businesses that they must start taking the problem of the ‘insider threat’ seriously,” he said.

Christine Andrews, managing director of governance, risk and compliance firm DQM GRC, said this type of data leakage is an extremely common and serious threat to businesses.

Andrews said research has shown that a quarter of employees would sell private company data and risk both their job and a criminal conviction for just £5,000.

“High-profile, targeted attacks – such as TalkTalk and Sony Pictures – generate fear in businesses from external hacking attempts; but, in this day and age, businesses need to be wary of both those on the inside as well as on the outside,” she said.

Data watermarking

However, Andrews said there are ways companies can keep an eye on their confidential information – even when it has left the building.

Data watermarking allows you to add unique tracking records, known as seeds, into your database. These monitor how your data is used outside your organisation's direct control.

“The service works for e-mail, physical mail, landline and mobile telephone calls and is designed to build you a detailed picture of the real use of your data,” she said.

Recent research by both government and private industry has highlighted the main weaknesses that make organisations vulnerable to insider attacks.

These include: poor management practices, poor use of auditing functions, a lack of protective security controls, a lack of role-based security risk assessments, inadequate corporate governance and a poor security culture.

There are five key areas that organisations need to address to reduce the risk insider threats, according to Peter Wood, chief executive of security firm First Base Technologies.

These are: staff vetting, education, protective controls, detective controls and security testing.

Join the conversation

1 comment

Send me notifications when other members comment.

Oldest

[-]

ncberns - 11 Mar 2016 10:44 AM

Our data is in danger from probes (and downright theft) from outsiders as well as insiders. What does it tell you about our security systems if insiders can blithely download sensitive data and outsiders seem to have little problem accessing that sensitive data.

More importantly. what can we do about it without locking down the system so securely that it becomes far less useful to the people who use it...?

Read more about the insider threat

Measures to contain misuse

Data watermarking

Read more on Privacy and data protection

Join the conversation

1 comment

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.