Work From Home Opens New Remote Insider Threats
June 23, 2020

By Lindsey O'Donnell at

Remote work is opening up new insider threats – whether it’s negligence or malicious employees – and companies are scrambling to stay on top of these unprecedented risks.

Employees working from home face a new world of workplace challenges. With childcare facilities mostly closed, many are juggling crying babies or barking dogs, all while tending to job responsibilities. Under those conditions mistakes happen, like sending an email – with critical internal company data – to the wrong address.

This is just one of many insider threat risks that security experts worry will become a regular occurrence. That’s because remote employees have been thrust into new working environments, with no face-to-face supervision and little to no training for handling new security risks. And, they are also facing more distractions from their home settings, as well as new emotional stresses tied to COVID-19.

All of these factors are creating a ticking time bomb for insider threats risks – which according to a report released last week, have already increased by 47 percent since 2018. Worse, security experts warn that organizations aren’t ready for this influx of remote work induced challenges.

“The [work from home] trend due to the COVID-19 pandemic has significantly increased insider threats from employees taking risks with company assets, such as stealing sensitive data for personal use or gain as employers have less visibility to what employees are doing or accessing,” Joseph Carson, chief security scientist and advisory chief information security officer at Thycotic, told Threatpost.

Negligent Insiders: Lack of Training

Insider threats can stem from either “negligent insiders” – which according to Proofpoint is the most common and accounts for 62 percent – or from malicious insiders, who intentionally steal data or company secrets.

The “negligent insiders” are the bigger threat here, researcher say. They may be employees who are well-intentioned, but who mistakenly give away company data or put company data at risk. They might open a phishing email, fall victim to a business email compromise (BEC) scam, or leave a cloud storage bucket misconfigured.

The work from home world has paved the way to an unsecured environment that allows these mistakes to happen more easily, security experts argue. For starters, many remote employees have not been given the appropriate training for how to secure their laptops and how to handle sensitive data in a work from home environment.

A recent survey from IBM Security found that more than half surveyed have yet to be given any new security policies on how to securely work from home. Also, more than half surveyed have not been provided with new guidelines on how to handle personal identifiable information (PII) while working from home, despite more than 42 percent newly being required to do so as consumers lean on customer service representatives for a variety of services.

In addition to a lack of employee training, experts worry remote employees are using company devices that may have been dependent on network security for protection – such as email gateways, web gateways, intrusion detection systems or firewalls – and moving them to unsecured networks.

The IBM Security survey for instance found that 53 percent of remote employees are using their personal laptops and computers for business operations – and 61 percent say their employer hasn’t provided tools to properly secure those devices.

Remote employees are also dealing with the challenges of working remotely and potentially needing to juggle childcare. That, coupled with the overlying stresses from the pandemic and the pressures of regular work, can open the door for simple mistakes. For instance, on average, 800 emails are sent to the wrong person every year in companies with 1,000 employees, according to Tessian. Experts worry that the new workplace environment could make this type of mistake more common.

“Initially, the sudden shift in environment was taxing on employees, which increased the likelihood for mistakes to be made that could have incredible repercussions for data privacy – for example, sending an email to an incorrect recipient or clicking on a phishing link,” said Durbin. “As remote working continues, organizations continue to digitalize traditionally physical process, such as reliance on post or face-to-face meetings, inevitably driving more sensitive data online.”

Malicious Insiders

While “malicious insider” threats are less common (according to Proofpoint, these types of threats only occur 14 percent of the time), coronavirus-spurred changes to the workforce is making it more difficult for organizations to root out these threats.

According to Verizon’s 2020 Data Breach Investigations Report (DBIR), malicious insider threat motivations vary. Financial motivations are the most popular, but espionage or disgruntled employees are listed as other common reasons.

Malicious insider threats may stem from the emotional toll of change. Earlier in May, for instance, a former BlueLinx IT manager, unhappy after his company was acquired by a large Atlanta-based building products distributor, was sentenced to federal prison for hacking his former Atlanta-based employer.

Experts worry what kind of emotional toll the current changes in today’s coronavirus world will have on employees. Many employees currently have concerns, need support and require protection. Employees may react maliciously to potentially limited

Popular Topics
Work From Home Opens New Remote Insider Threats
COVID-19 reinforces the need for connectivity
Silk UI Framework Simulation Device
Resize the window to preview the page in target devices.
Open the settings to change the simulation device options.
Click here to see your activities