In 2015, a group of international hackers was able to breach over 100 bank networks across 30 countries, making off with over one billion dollars. How did these cybercriminals penetrate so many institutions’ reinforced network defenses? The attackers walked through these organizations’ front doors, so to speak.

That is, rather than targeting their secure networks directly, the hackers were able to circumvent cybersecurity protocols by going after employees instead. Specifically, the hackers sent an email to targeted employees with an infected attachment; the first employee who opened the attachment opened the door for the attackers to slip through.

Indeed, this example shows that employees can often be the weakest link in an organization’s defense against hackers. In most cases employees aren’t aware of this. Unbeknownst to employees, hackers may use them as a gateway for entry into their organization’s underlying network. Hackers may enter through employees’ smartphones or through virus-infected emails, for instance, and then pivot to compromise the entire network infrastructure.

On the other side of this spectrum, in some cases an employee may be a hacker. Just consider that 50 percent of federal agencies were targeted by inside threats between 2014 and 2015. Also consider the inside job recently experienced by Morgan Stanley; up to 730,000 account numbers were stolen from the organization’s database by an employee. Confidential information about individual customers was transferred to the employee’s private server in his home from June 2011 to December 2014.

To ensure a malicious inside job doesn’t impact your organization, proper hiring and vetting processes must be in place. In addition, a post-breach security plan is crucial. Packet intelligence is a vital component for any organization’s incident response workflow and overall security strategy. Savvius delivers the critical information and insights that enhance post-breach investigations. For more information visit: https://www.savvius.com/products/security.

In Part 2 of this series, we will discuss three considerations that organizations should have when it comes to educating employees on network security, so stay tuned!