As a business leader, you’d like to believe that your staff are entirely trustworthy. Effective enterprises run on workforce confidence – but in some cases, that trust can be misplaced.
In November, CrowdStrike admitted one of its own employees had provided screenshots of internal systems to hackers in exchange for a sizable payout. Industry experts have told ITPro the incident should act as a wake up call to the all-too-serious risk of insider threats.
Earlier in the month, websites all over the world went offline after a major outage at the content delivery network service provider Cloudflare. What was the cause of the incident: had Cloudflare fallen victim to the kind of DDoS attack it’s famous for preventing?
In this episode, Jane and Rory welcome back Ross Kelly, ITPro’s news and analysis editor, to explore some of November’s biggest stories.
Highlights
"The individual was believed to have been paid around $25,000 for this, which all things considered, I think, is quite low when you're risking being fired and, you know, a potential jail sentence in the aftermath of this. So these were leaked on Telegram. CrowdStrike, obviously, was made aware of this and they reacted pretty swiftly like we mentioned. That person has since been dismissed, I don't think it was too much of an issue for HR in that situation."
"A lot of organizations still lack formal insider threat programs. It's something that's just not really on their radar because a lot of the time, the headlines are based around you ransomware attacks, malware, etc, etc. And so, you know, when you have an individual in your company that's potentially at risk, how do you deal with that?"
“An outage at Cloudflare, I think, is a worst case scenario for a lot of organizations, a lot of online services."
“The outage itself was a result of a bug in its bot management software. So, the software that essentially allows websites to allow bots onto their individual sites, or prevent bots from accessing their sites, a bug in that service and that software caused this, which created somewhat of a cascading effect where a lot of websites essentially just were bricked for a good couple of hours."
Footnotes
- If you're not taking insider threats seriously, then the CrowdStrike incident should be a big wake up call
- Nearly 700,000 customers impacted after insider attack at US fintech firm
- AI means cyber teams are rethinking their approach to insider threats
- ‘Insiders don’t need to break in’: A developer crippled company networks with malicious code and a ‘kill switch’ after being sacked – and experts warn it shows the huge danger of insider threats
- Everything you need to know about Cloudflare
- The Cloudflare outage explained: What happened, who was impacted, and what was the root cause?
- Cloudflare says AI companies have been “scraping content without limits” – now it’s letting website owners block crawlers and force them to pay
- Security experts issue warning over the rise of 'gray bot' AI web scrapers
- Cloudflare is fighting back against AI web scrapers
- Nearly half of all digital initiatives still fail – here’s how you can learn from the ‘digital vanguard’ and deliver success
Subscribe
- Subscribe to The IT Pro Podcast on Apple Podcasts
- Subscribe to The IT Pro Podcast on Spotify
- Subscribe to the IT Pro newsletter
- Join us on LinkedIn
-
Alteryx names former Salesforce, Oracle strategist as new global technology alliances leadNews The former Salesforce and Oracle leader will spearhead Alteryx’s partner strategy as the vendor targets deeper ecosystem collaboration
-
Microsoft launches Fara-7B, a new 'agentic' small language model that lives on your PCNews The new Fara-7B model is designed to takeover your mouse and keyboard
-
If you're not taking insider threats seriously, then the CrowdStrike incident should be a big wake up callNews CrowdStrike has admitted an insider took screenshots of systems and shared them with hackers, and experts say it should serve as a wake up call for enterprises globally.
-
Getting a grip on digital identityITPro Podcast As AI agent adoption explodes, security leaders will need better identity controls than ever before
-
Microsoft and Cloudflare just took down a major phishing operationNews RaccoonO365’s phishing as a service platform has risen to prominence via Telegram
-
NinjaOne expands availability on CrowdStrike MarketplaceNews CrowdStrike Falcon customers now have simplified access to NinjaOne’s automated endpoint management capabilities
-
Let’s talk about digital sovereigntyIn the age of AI and cloud, where data resides is a key consideration
-
Can cyber group takedowns last?ITPro Podcast Threat groups can recover from website takeovers or rebrand for new activity – but each successful sting provides researchers with valuable data
-
Perplexity hits back at Cloudflare amid claims of website 'stealth crawling' to dodge AI blocksNews Perplexity has hit back at claims by Cloudflare that it's been stealthily crawling websites, suggesting recent research was a "sales pitch" for a new blocking product.
-
July rundown: Salt Typhoon and SharePoint scaresITPro Podcast US public sector organizations are under serious threat from the state-backed hacking group
