Last week we heard from a number of security industry figures on what businesses of all sizes can take away from the Ashley Madison data breach.
After reports that the customer data stolen from the adult dating site had been released on the dark web, some are now suspecting that the hacker was actually someone from the company.
The most notable industry veteran suggesting that this is the case is John McAfee – who, apart from being the founder of antivirus software firm McAfee, is known for his colourful personal life, which includes being suspected of killing a neighbour and going on the run from the Belize government.
“How did I discover that it was an inside job? From the data that was released, it was clear that the perpetrator had intimate knowledge of the technology stack of the company (all the programs being used). For example, the data contains actual MySQL database dumps. This is not just someone copying a table and making into a .csv file. Hackers rarely have full knowledge of the technology stack of a target,” explains McAfee.
McAfee has decided that the hack was done by a female due to some of the language used in the data dump.
“As to gender of the perpetrator, there were a number of telling signs in the manifestos. The most telling was a statement calling men “scumbags” (for those readers that don’t speak American/Canadian English, this is a word that only a woman would ever use to describe men). In a separate section, the perpetrator describes men as cheating dirtbags. I think in any language this would suggest that a woman is speaking,” added McAfee.
While we’re not totally convinced on his somewhat misogynistic views on why it must have been a female hacker, McAfee does make a good point about the inside knowledge.
Paul Trulove, VP of product management at SailPoint, believes that this potential ‘inside job’ highlights the need for organisations to give priority to their cyber security measures.
“There is no silver bullet solution to the insider threat problem, but if companies take a layered approach that includes awareness and education alongside preventive and detective controls they will be much more secure,” explained Trulove.
"First and foremost, companies need to be explicit about their policies in this area and clearly define what is considered ‘illegal’ use of proprietary data. At the same time, companies need to proactively monitor and manage access privileges, with the goal of limiting access to only what is required. Identity and access management (IAM) plays a critical role in helping companies ensure that access privileges are appropriate and conform to policy.”
Image source: Shutterstock