back to article Black hats are baddie hackers, white hats are goodies, grey hats will sell IP to kids in hoodies

The threat from rogue insiders, for so long dismissed as scare stories, has quietly bubbled back on to the official worry list. High-profile cases – like that brought against Anthony Levandowski over IP he was accused of stealing from Google's Waymo car division, and Jiaqiang Xu, who got five years in the clink for stealing …

  1. Doctor Syntax Silver badge

    It's not all bad

    "Globally, 4.6 per cent of respondents believed a colleague fell into the grey category, which rose in the UK to an alarming 7.9 per cent."

    I'm sure most of us can think of at least one colleague or former colleague who could have done serious damage to a competitor had they tried to cooperate with them.

    1. Throatwarbler Mangrove Silver badge
      Thumb Up

      Re: It's not all bad

      I can think of a number of former colleagues who did plenty of damage just by being employees!

    2. Daniel von Asmuth Bronze badge

      Re: It's all bad

      Richrard M. Stallman is a hacker; what the bourgeois calls hackers are cybercriminals; never mind the virtual colour of their hats.

  2. tiggity Silver badge

    Quite hard to prove an insider job too.

    Its possible to know data accessed, but if nothing *obviously* done with that data (& user has legit reasons to access the data) then nothing obviously bad has occurred.

    If decent measures in place (e.g. no external USB / bluetooth devices allowed, no user devices on wifi network, restricted internet access so no copying to third party site / emailing data to someone, logs of any files created / printed by the user and their contents, company mobiles locked down & monitored, etc, etc, etc.) still cannot be sure no data "theft" as a quick (personal) mobile phone photo or several can capture a lot of useful data when e.g. having opened customer database as part of legit fault fixing...

    I'm sure plenty of places suspect data theft but have no proof unless the thief left traces.

    Though I would be more suspicious of the manager / sales people in data slurping than the IT bods as its much rarer an IT person (compared to sales etc staff) goes to work for a competing company in same market area as a lot of alternative IT options, less so for sales staff in a particular "niche" area (& lets face it, a certain subset of sales staff have a rep for taking their contacts list with them from job to job as part of the job offer made to them is based on the value of their relationships with customers in their "area" of sales).

  3. Pete 2

    The fifth column

    When Franco was conquering Spain in their civil war, he was reported as having four columns of troops outside Madrid and a "fifth column" of supporters inside.

    Most large organisations have many staff who are happy to collect their monthly pay, yet spend a significant amount of effort actively or passively working against their employers interests. Whether those people are actively sabotaging or betraying the company or government department they work for or are just goofing around, doing nothing useful is debatable.

    However, it should be recognised that there is a broad spectrum of hostility that does not begin or end with selling the company's IP, phone directory, confidential material or client data. While that can never be stopped entirely, there are basic fixes that are easy, yet rarely implemented.

    One would be forced to conclude that even simple things like removing USB connections to PCs and scrutinising outgoing email are not common simply because organisations do not care about security. Preferring to think any breaches are down to lone-wolf employees who are outliers. That mind-set is far more acceptable (to both employers and employees) than recognising that 5% of your staff are crooks!

  4. onefang Silver badge

    "47 per cent of insider threats stemmed from maliciousness of one sort of another, with the remainder caused by carelessness."

    Hanlon's razor has some statistical backing then, but it's close.

  5. Anonymous Coward
    Anonymous Coward

    Oh why don't they ever offer me money

    I could certainly use a 2nd house, 3rd car, boat, plane, island, etc.

    But no, no one with bags of money has ever offered me anything for what I might be able to extract. Even with I worked for a company in the top .5% of the Fortune 500.

    1. Anonymous Coward
      Anonymous Coward

      Re: Oh why don't they ever offer me money

      I did get an “offer” once, in 1999 or 2000. A former sales agent went independent and became a customer that resold our wares. I still saw him from time to time, and he often asked me for assistance with IT issues. Setting up a website, arranging hosting, general stuff. All above board and paid for, our CEO at the time was aware of the arrangement.

      At a certain point he just asked me for records of all our suppliers and offered me a substantial sum for it. I reported this to the CEO and that was that.

      Had the sum been 7 figures instead of 5 I probably would have said yes though...

      1. Version 1.0 Silver badge

        Re: Oh why don't they ever offer me money

        I got the same offer once - they wanted me to jump ship and go and work for them (our competitor) and were offering a lot of money ... I thought about it but turned them down. The problem is that once you do something like that then it will follow you for the rest of your life and they will never trust you because they know that you can be turned for the right amount.

        And you know how people talk in this business ... the story will get out and you'll need to find a new career. I'm not claiming to be honest - I was tempted, but I wasn't about to get stupid.

  6. mmccul

    Ask black hats how common black hats are...

    When I've talked to companies, the executive leadership are so terrified of insider threats, so out of proportion to the actual risk, that often they create a bigger security risk by giving the security team, the very team most likely to go black hat, massive access to every piece of intellectual property in the company, even if they don't actually need that access, because security.

    Then I talk to the black hats of security, penetration testers, and they talk about insider threats as the number one source of problems.

    Then I sit down and look at the company, and see that the top source of risk isn't a malicious actor at all, and often isn't even adversarial, but structural due to their failure to invest in basic IT. Surveys like this aren't very useful except for fear mongering and encouraging further black hat activities by people with security jobs.

  7. Walter Bishop Silver badge
    Terminator

    Insider threats to your IP

    Not all insider threats to your IP are malicious .. such as visiting unsafe websites, clicking on links in emails from people they don’t know, or plugging outside USBs into their work computersref

    Good Grief :]

    1. Anonymous Coward
      Anonymous Coward

      Re: Insider threats to your IP

      Just give them a hacked USB drive with the data that they want, and hack their network to steal all their stuff. Get paid twice.

  8. Anonymous Coward
    Anonymous Coward

    Secret documents for sale cheap

    just contact me torturersrus@cia.com

    1. fm+theregister

      Re: Secret documents for sale cheap

      why not .gov? but they are quite more polite and elegant by now...

  9. fm+theregister

    greys dont screw over their employers, blacks do

    greys will help their employers by viable means, not screw them.

    1. fm+theregister

      Re: greys dont screw over their employers, blacks do

      *gray

    2. Anonymous Coward
      Anonymous Coward

      Re: greys dont screw over their employers, blacks do

      Its good to see that the vilification of blacks is still alive and well in the software industry.

      If they changed black hat to grey hat do you think people would still go?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019