Hacked from the inside – When there really is a monster under your bed
*This post originally appeared on the AppSense blog prior to the rebrand in January 2017, when AppSense, LANDESK, Shavlik, Wavelink, and HEAT Software merged under the new name Ivanti.
The most recent rash of security breaches, like the Hollywood Presbyterian Medical Center, has us thinking about how these breaches get executed.
Hacking and malware attacks, while initiated from outside an organization, often need ‘assistance’ from inside the organization—the ‘inside man’—in order to be successful. Hackers use social engineering techniques to fool unsuspecting users into downloading and opening unknown executables or even providing logon and password information, giving a hacker his much-needed inside access.
Providing users with system security training and ongoing communication about potential security breaches can prevent a lot of problems. But what do you do when the hacker is the Inside Man? How do you stop someone with malevolent intentions who’s an end user in your organization?
Pearland Independent School District of Pearland, TX investigated how a student brought his own malware toolkit into his high school, copied them onto school’s computers from a USB and ran those tools. His end game was to steal the Social Security numbers for students, parents, teachers, and staff, and sell the information.
To find out more about the hack, and how Pearland ISD leveraged AppSense technology to stop the attacks, attend our March 9th webinar How I Stopped a Kid Hacker.