Insider Threat Definition An insider threat is a securit...
When the Insider Threat Wants to Steal Your Trade Secrets
We’ve covered several recent stories in the news about employees creating fraudulent invoices, entering fictitious vendors or changing bank account details to enrich themselves. These stories all focused on an employee or contractor diverting funds to themselves. But there’s another tactic that the inside threat can take that has even more devastating consequences to the enterprise: theft of intellectual property (IP).
Semiconductor manufacturer Micron Technology discovered this when three former employees allegedly stole IP and provided it to a Chinese competitor. The former president of a Micron subsidiary in Taiwain, Micron Memory Taiwan, resigned and started to work with a competitor in 2015. He reportedly conspired with two Micron employees to steal DRAM technology.
One of those employees allegedly downloaded over 900 confidential and proprietary Micron files onto external USB drives and a Google Drive account. The employee also ran a couple of tools on his laptop to cover his tracks. Now here’s the tough pill to swallow – the market value of the IP is estimated to range from $400 million to $8.75 billion!
Earlier this year, two Apple employees were charged with stealing IP from its autonomous car project. In the most recent indictment, a former employee allegedly accessed and downloaded thousands of files containing everything from manuals, schematics, diagrams and more. Investigators also found a large collection of photographs of computer screens with confidential information. Previously, another employee was charged with stealing over 40GB of sensitive data about the car project onto his wife’s laptop.
Thinking you’ve heard this story from Apple already? Well, you probably remember a similar story from Tesla. The company experienced a data breach from a trusted employee. In order to access the IP, the employee created several false usernames inside Tesla’s main production OS. In addition to changing actual master data, he then allegedly exported massive amounts of sensitive data to third parties. This was all in retaliation because he was passed over for a job promotion.
Don’t worry… there are steps you can take to protect the enterprise. Attend our upcoming live webinar on the 10 steps you need to take to protect your business-critical applications from the insider threat. Click here to learn more and register.