The accidental hackers: Insiders pose the top threat to DOD networks
A survey by SolarWinds finds that careless or untrained users are the biggest source of threats, and they can do as much damage as any hacker.
IT security pros in the military are keenly aware of the threats posed by cyber spies and hackers, but what worries them most are the people on their own side.
A recent survey of Defense Department IT professionals found that 55 percent said careless and untrained insiders are the greatest source of threats to their agencies’ IT security. And while 66 percent said malicious insider threats could be as damaging or more than external attacks, 56 percent also said the damage done by careless insiders could be just as bad those caused by malicious insiders.
SolarWinds, in conjunction with Market Connections, conducted the survey, its second annual, quizzing 200 IT pros in the federal government, covering civilian, defense and intelligence community agencies, and broke out the results by category. The resulting DOD subset closely follows the overall results in most categories.
Careless insiders were the top threat, but survey participants didn’t forget about the outside world. Foreign governments were cited as the next most common threat (43 percent), followed by the general hacking community (33 percent), terrorists (24 percent) and malicious insiders (23 percent).
Despite respondents’ concerned about insider threats, they said that external threats are still the primary focus of cybersecurity spending. While 64 percent said their agencies had increased investments—either significantly or somewhat—to counter external threats, only 52 percent said investment had increased to counter insider threats, with 5 percent saying it had decreased concerning malicious insiders and nearly 4 percent saying it had deceased with regard to careless insiders.
Survey participants said agencies’ data is most at risk on employees’ or contractors’ desktops and laptops (42 percent), removable storage such as USB drives and CDs (39 percent), personal mobile devices (36 percent) and government-owned mobile devices (31 percent).
The most common causes of accidental insider threats were identified as phishing attacks (42 percent), incorrect use of an approved personal device (38 percent), accidentally deleting, corrupting or modifying critical data (also 38 percent) and copying data to a non-secure device (37 percent).
Budget constraints were identified as the top high-level obstacle to maintaining or improving IT security, although the fact that 26 percent identified that obstacle could be a sign of improvement—in the overall survey, 29 percent identified budget constraints, down from 40 percent the year before, SolarWinds said.
Complicating efforts to prevent insider threats are the volume of network activity (39 percent), a lack of IT staff training (37 percent), pressure to change IT configurations quickly rather than securely (33 percent), use of mobile devices not limited to secure environments (32 percent) and the growing use of cloud services (31 percent).