New insider threat?

Thanks to this post by blogger gattica I learned of a disturbing trend.  According to the newly formed Serious Organised Crime Agency (SOCA), in the UK organized crime members are getting jobs inside companies to steal stuff. Criminals have always gotten jobs as insiders to steal stuff but this is at a new level.

I used to do internal security assessments for one of the final four auditors. I would spend three or four days poking around the networks of large companies. These included computer manufacturers, big banks, insurance companies, publishers, and even railroads. In every case it took about two days to figure out how to rob them.  And I don't mean stealing customer lists or credit card information which is easy. An insider who can freely traverse the network and use port scanners and brute force tools can quickly figure out the business process, grab passwords and start to steal stuff. Not having the privileges of a trusted auditor it might take longer. Often it was insiders that pointed me towards the weakest systems.

It is a very good thing that most people, especially IT people are very trustworthy, or at least fear reprisals enough to keep their hands out of the till. But if organized crime is sending in their troops it is time to start thinking seriously about hardening internal systems.  (Oh yeah, and doing background checks.)