Insider Attack

Why Trust Techopedia

What Does Insider Attack Mean?

An insider attack is a malicious attack perpetrated on a network or computer system by a person with authorized system access.

Advertisements

Insiders that perform attacks have a distinct advantage over external attackers because they have authorized system access and also may be familiar with network architecture and system policies/procedures. In addition, there may be less security against insider attacks because many organizations focus on protection from external attacks.

An insider attack is also known as an insider threat.

Techopedia Explains Insider Attack

Insider attacks can affect all computer security elements and range from stealing sensitive data to injecting Trojan viruses in a system or network. Insiders also may affect system availability by overloading computer/network storage or processing capacity, leading to system crashes.

Internal intrusion detection systems (IDS) protect organizations against insider attacks, but deploying such systems is not easy. Rules must be established to ensure that unintended attack warnings are not triggered by employees.

In 2008, a noteworthy insider attack occurred when Terry Childs, a network engineer for the San Francisco Department of Telecommunications and Information Services, altered the city’s network passwords, locking FiberWAN access for 12 days. Childs was found guilty of felony network tampering. The work required to regain system control cost the city of San Francisco $900,000, and 60 percent of city services were affected by the insider attack.

Advertisements

Related Terms

Margaret Rouse
Technology expert
Margaret Rouse
Technology expert

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.