Stephen Bonner, a partner in KPMG’s Information Protection & Business Resilience team, highlights the need for businesses to be wary of insider threats on the back of the news of spying on offline computers. He says:
“It is tempting to break the world of cyber security into the attacks we see against our networks from the outside, malicious action by insiders, and then physical attacks on systems. This has been a convenient taxonomy in the past, but sometimes leads us to forget that our adversaries don’t always think this way and that the boundary between cyber and the physical world is blurring.”
“Organised crime groups, hostile corporates and countries may be just as interested in recruiting insiders to help them as they are to attack systems remotely. Attacks on physical targets can also be a very effective way into corporate networks – whether it is sniffing wifi networks, looking for open network ports in visitor areas, or finding opportunities to attach the sort of kit we saw in recent attacks against UK banks – a simple keyboard, video, mouse switch or key logger. The recent Snowden disclosures have also shown just how interested States can be in these sorts of attacks. Information collected from external networks and social media can make targeting and social engineering easier, and a little tampering with network devices in situ makes remote access so much more straightforward.”
Bonner concluded: “The key is to take a holistic view of the threat – thinking about who your adversaries might be, what they might be after – and the various ways they might achieve their goals. Moreover, keeping the different branches of security talking matters – cyber exercises or war games are a good way of making sure they can work together to deal with any incident. In short – attackers don’t respect your stovepipes.”
- ENDS -
KPMG Press Office
T: 020 7694 8812
M: 0788191 6975
KPMG Press Office
T: 020 7311 5271
M: 07917 384 576
KPMG Press Office: 020 7694 8773
KPMG LLP, a UK limited liability partnership, is a subsidiary of KPMG Europe LLP and operates from 22 offices across the UK with approximately 11,500 partners and staff. The UK firm recorded a turnover of £1.8 billion in the year ended September 2013. KPMG is a global network of professional firms providing Audit, Tax, and Advisory services. It operates in 155 countries and has 155,000 professionals working in member firms around the world. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. Each KPMG firm is a legally distinct and separate entity and describes itself as such.
This article represents the views of the author only, and does not necessarily represent the views or professional advice of KPMG in the UK.