Insider Attack

Why Trust Techopedia

What Does Insider Attack Mean?

An insider attack is a malicious attack perpetrated on a network or computer system by a person with authorized system access.

Advertisements

Insiders that perform attacks have a distinct advantage over external attackers because they have authorized system access and also may be familiar with network architecture and system policies/procedures. In addition, there may be less security against insider attacks because many organizations focus on protection from external attacks.

An insider attack is also known as an insider threat.

Techopedia Explains Insider Attack

Insider attacks can affect all computer security elements and range from stealing sensitive data to injecting Trojan viruses in a system or network. Insiders also may affect system availability by overloading computer/network storage or processing capacity, leading to system crashes.

Internal intrusion detection systems (IDS) protect organizations against insider attacks, but deploying such systems is not easy. Rules must be established to ensure that unintended attack warnings are not triggered by employees.

In 2008, a noteworthy insider attack occurred when Terry Childs, a network engineer for the San Francisco Department of Telecommunications and Information Services, altered the city’s network passwords, locking FiberWAN access for 12 days. Childs was found guilty of felony network tampering. The work required to regain system control cost the city of San Francisco $900,000, and 60 percent of city services were affected by the insider attack.

Advertisements

Related Terms

Margaret Rouse
Editor

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…