Cyber insider threats increase in third quarter: Kroll

The incidence of cyber-related insider threats peaked to its highest quarterly level to date during the third quarter, a report says.

Insider threats accounted for nearly 35% of all unauthorized access threat incidents during this year’s third quarter, compared with 24% in the second quarter, and 31% during the first, according to the report issued by New York-based Kroll Inc., which is based on its incident response data.

This risk “is particularly high during the employee termination process,” the report said. Disgruntled employees may be seeking to undermine an organization, while others do it to use as leverage at their new organizations, it said.

The report said email compromises among popular threat incident types leveled off at 30% of the total in the third quarter, the same percentage as in the second quarter, while ransomware attacks decreased to 25% of the total in the third quarter from 33% in the second.

The report said among threat actors that targeted credentials for initial access, phishing incidents increased 55% in the quarter, compared with 42% in the second quarter.

Kroll handles more than 3,000 cyber incidents yearly, according to a spokeswoman.