The last post tackled the damage an internal threat might do to a person on the outside of a business organization. This post deals more with the threat from within from the viewpoint of the targeted organization itself. The problem with an internally planted backdoor or some other form of malware is that it is integrated with the programs themselves that are supposed to provide security to the system. The system that is affected can most of the time be freed of these stated threats by re-installing the said application with a version that is free of the problem code.
Just imagine the amount of information that has to be moved, re-processed and re-stored just to make up for a few lines of code that has been very well placed, hidden from view. Firewalls were supposed to prevent intrusion to links of the organization from the outside and inside but if the firewall was not to know the workings of the said code, it would recognize it as a legitimate process and allow the transfer of data without taking a second look. Corporate espionage has rival companies trying to get at the other’s secrets in hopes of getting ahead of other competitors. In the US, the FBI and other Internal security forces continuously monitor such activities such as the problem when stocks were manipulated within the Stock Exchange itself to boost the value of a particular stock to favor investors.
The risks the information we entrust to companies who serve us is great and sure they do take all necessary preventive measures as much as they could, but a threat from within is truly an adversary to be dealt with.