The Biggest Cyberthreat To Companies Could Come From The Inside

Seth Rosenblatt | CNET | January 8, 2015

A recent attack against Morgan Stanley that exposed hundreds of thousands of customer accounts was an inside job, a threat experts say is nearly impossible to stop.

Companies spend billions of dollars each year to protect from determined hackers attacking from across the Internet, but experts warn they shouldn't ignore a closer threat they aren't even ready for: Inside jobs.    Morgan Stanley, one of the world's largest financial services firms, revealed Monday its customer information was breached. But it wasn't the result of determined hackers or sophisticated email attacks. Instead, Morgan Stanley said it was an employee who stole data from more than 350,000 customer accounts.

The move is a wake-up call to companies, which spent an estimated $71.1 billion in 2014 on cybersecurity, up nearly 8 percent from the year before. And while hackers have successfully attacked large companies like JPMorgan, Target and Home Depot, experts warn employees pose just as much a threat, whether they act intentionally or by accident.

While the cybersecurity industry is devising an ever growing list of technology to protect from intrusions, it turns out there's relatively little that can be done to stop an insider who already has access to a company's otherwise highly protected data.  "There's always going to be a way, just like with hacking, for insider attacks to happen," said Lucas Zaichkowsky, who used to manage computers at a major credit card processor and is now a security expert at Resolution1...