SAN DIEGO – ID Analytics, which providers on-demand identity intelligence, has released the findings of its survey that analyzed the criminal behavior patterns associated with the misuse of identities stolen from the workplace by employees.
The ID Analytics’ study, “Analysis of Internal Data Theft”, sought to expose how, where and when employees misused data stolen from the workplace. The research examined more than a dozen incidents of internal data theft involving more than five million identities from consumer and employee files across organizations in the government, education and commercial sectors.
“It is the first time that harm of internal data breaches has ever been measured,” said Cooper Bachman, product analyst with ID Analytics. “Typically we hear about studies that talk about percentages that is attributed to internal data theft but never before has it been measured and analyzed to determine behavior that the employees and fraudsters are going about to perpetrate identity fraud after the breach actually occurred.”
Of the 12 incidents examined, eight ultimately led to more than 1,300 cases of attempted fraud targeting bank card, retail card and wireless providers. The research uncovered associations between transactions and patterns of criminal behavior after data theft had taken place.
In the analysis of the eight internal data breaches where harm was found, organized misuse ranged from three percent (data leak caused by mishandling data) to 36 percent (targeted employee data theft) of the identities stolen. The identities associated with these internal incidents were up to 24 times more likely to be misused than the average U.S. consumer identity.
“We are seeing the fraudster or employee use these identities to apply for goods and services,” said Bachman. He cited they were using the stolen information to apply for new credit cards or wireless devices.
Of the 1,300 cases of attempted fraud, 69 percent targeted the wireless industry.
“There is mass consumer adoption of smartphones [where] the value of actual handsets has risen over the last few years,” noted Bachman. “Now it is no longer a phone just used for calling or occasional texting, it is a web browser, streams television and acts as a mobile computer, so it is & a more popular target for fraudsters,”
As well, the study noted that misuse of the stolen identities occurred in remarkably close proximity to the site of the internal data theft. Fraudulent activity relating to each incident of internal data theft took place within 20 miles of the source, indicating that the stolen identities had not been sold or distributed on a national level.
Identities involved in internal data theft were misused in similar patterns to those taken via external attacks in terms of period of use and using the Internet to commit fraud. Most of the stolen identities in the study were used very briefly in a period of over two weeks.
“Once an identity loses its value, [fraudsters] will drop it and move to next one,” Bachman explained.
The internal theft activities also focused mainly on online channels. In five of the eight internal data breach cases, 80 percent of the fraudulent application activity was online because of its anonymous nature, said Bachman.
There are multiple ways organization can protect their data from internal theft. The first is to install hardware or software that track network access or application access. Security policies can also be established around banning the use of things like USB drives and MP3 players. As well, companies should keep sensitive data encrypted while at rest and in transfer.
“Even with all sorts of security, there will still be a human element at the center of data management,” Bachman said.
To minimize the impact of the human element, Bachman suggested that companies use solutions like ID Analytics for Data Defense that tracks the stolen data once it goes out of an organization to see where it is being misused and help law enforcement officials prevent additional misuse of that data.
This column was written by Vanessa Ho of ConnectIT
a>>
