Insider Threats

Posted on by Dana Mancuso

An insider’s identity might surprise you.

When you think of an insider you might think of someone “in the know” or part of a select group. You also may think of the term in relationship to the world of finance. Insider trading is illegal, and it makes headlines when it happens on a large scale.

You likely don’t consider yourself an insider, yet you are. As a member of the University of Illinois community (or any organization), you have access to at least some networks, systems, or data. Whenever a person has the potential to cause a cybersecurity incident or a data breach-even unintentionally-it is known as an insider threat.

Often cybersecurity incidents due to insider activity happen by accident. What seemed an innocent action resulted in an unintended consequence.

Earlier in 2023 a disciplinary investigation was launched at an international company stemming from an employee allegedly sharing private information. The individual transcribed a recorded meeting with an audio-to-text application and then entered that transcription into an AI tool to create meeting notes. [SOURCE: Samsung employees allegedly leak data via ChatGPT (cshub.com)]

What’s the cure? Be cybersecure.

Taylor Judd, Manager of Cybersecurity Infrastructure and Engineering with Technology Services, offers some simple actions you can take to reduce the chance that YOU become an insider threat.

Out with the old.

Anytime you re-share or share something, review the existing permissions, and remove those that no longer apply. Get rid of old equipment, forms, and cloud storage. “You have your spring house cleaning; do a fall clean of your digital life both professionally and personally. Old data can still be exploited even if it’s not used actively,” he said.

When in doubt: report.

The cybersecurity team is here to help and appreciates any reports of suspicious digital activity to security@illinois.edu.

Judd also suggested carefull consideration for requests to share. Double check unusual requests or messages using a separate communication method, like a known email address or trusted phone number. “If something sounds off, take time to independently confirm that it’s legitimate,” he advised.

Keep sensitive information secure.

“One way is to avoid putting sensitive information into ChatGPT or another AI platform. Another way is to lock your computer or device whenever you’re not using it,” Judd said.

On a Windows computer, press the Windows key plus the L key (for Lock) on your keyboard at the same time. To find the Windows key, check near the space bar for a key that looks like the Windows logo.

Guard the physical security of your space.

When an unauthorized person closely follows someone else who is authorized into a restricted area it’s called tailgating, and it can pose a security risk.

The Cybersecurity Training & Awareness Team suggests preventing tailgating into secured areas by using the ABCs:

• Ask coworkers to scan their own i-cards so there is a record of who enters secured areas.
This helps with safety, such as in case of a building fire.
• Be cautious about holding the door for visitors, including delivery people.
• Close doors securely behind you.

More information about insider threats is in this quarter’s faculty and staff cybersecurity training. 
https://go.uillinois.edu/securitytraining

Watch for more cybersecurity tips throughout the 2023-24 academic year.

Individuals with malicious intent are all over the internet looking for ways to reach you and get something they want: money, data, information. We can read daily about harmful scams, identity theft, phishing, and ransomware.

What’s the cure? You!

When you actively work to secure your digital life, you become less of a target. You can close or lock doors once open to bad actors with simple actions.