Feb 16, 2009

Inside Threats

Security threats that originate from inside a network can be more harmful than outside threats. Inside threats are especially dangerous and can often be overlooked by network administrators. Computers that reside on the inside network typically have a high degree of access to inside resources. Also, employees and trusted users are likely to have critical information about the network, including passwords.

High-profile inside threats include disloyal and disgruntled employees who use their inside access to destroy, steal, or tamper with data. It is not possible to protect completely against these types of attacks. However, well-defined security policies can minimize the risks from this type of threat. For example, organizations should avoid using just a handful of passwords to protect all computer resources. Large companies should establish clear procedures for removing employee accounts and passwords in the event that an employee leaves the company.

The most harmful inside threat is a typical end user of a network. Unaware end users can crash a network by carelessly opening e-mail attachments, installing unauthorized software, mounting disks from home, or even browsing the web. The typical cause of inside attacks is an end user who opens an e-mail attachment and, in doing so, copies a virus to the computer. Many viruses thrive on the corporate network. E-mail viruses typically mail themselves to accounts listed in e-mail address books. Many corporations keep staff e-mail lists loaded on every computer, so a virus can quickly spread to all members of a company. Viruses can also seek out and infect shared files and folders, which are common on corporate networks.

A growing problem for corporate networks is the widespread popularity of instant messaging and peer-to-peer file sharing. Employees may download instant messaging software, such as Microsoft Messenger or America Online (AOL) Instant Messenger, which is used to chat in real time with coworkers, friends, and family. Other users may download peer-to-peer file sharing software based on Gnutella or some other technology. Both instant messaging and peer-to-peer file sharing programs can be used to transfer virus-infected files to the local computer, and both types of programs listen for connections originating from the Internet. Chat and file sharing applications may also be vulnerable to other forms of exploitation.
