If you look at the real time CSI investigation cases, you can easily easily that the threats generally comes from the ones who are in the closers circle of relationships.

This is same in Cyber World. Recent surveys indicate that better than 50 percent of business with an Internet server have experienced remote attack. That’s an impressive figure, however, a far higher percentage of business are attacked from within. 

Every year, thousands of business suffer demonstrable damages at the hands of disgruntled employees. In a recent case, a programmer was fired from a medical billing firm. Then the programmer run a script that deleted a month’s worth of billing records. The firm had no backups and therefore lost thousands of dollars. Cases like that are common.

Why are internal attacks so prevalent ?

The first and the simplest reason of why internal attacks so prevelant than the remote attacks is attacking a network or a system from inside is far easier.

Authorized users can have access to information that remote users can not. This is understandable. Furthermore, local users already enjoy some level of trust, not only simply at a network level but also human level. This is a major advantage.

Authorized or trusted users can gain or already have more and more information about the company and its local mechanisms, etc. Therefore, these kind of information can provide the local attackers to find new, creative and wide attack vectors and surfaces.

Assume an employee in a data processing center of a university. He is responsible from the switching and routing stuff. So, he has a big chance to packet sniffing in the local network and can see the flowing traffic. Besides then, if he is malice person, he can use his trusted human level in order to gain critical information about the users via social engineering, like e-mail passwords, local user passwords, etc. The attack surface is really wide.

Is it possible to prevent all the internal attacks and make the internal network more secure?

The answer to that question has very complex meanings and changeable dynamics. We can never say that there is 100 percent of security. However, we can raise the security level and can control and forestall the threats as much as possible.

It is possible to simply divide ensuring at least a minimal level of internet security into three fundamental parts. The first part is that clear and understandable policies must be written to make the users aware of security. The second and critical step of increasing the security level is that making the users aware of the policies. Moreover, access levels must be well-organized and need-to-know based access control lists must be prepared.

Many firms have no such policies and their administrative folks believe that users ignore the policies even if they are clearly set forth. That may or may not be true. However, that is no reason the avoit writing policies. Besides that, policies may not prevent your users snooping around, but if you do have written policies, you have the ammunition to dismiss that emplotee on the spot.

Some reports suggest the average employee in a small business spends up to an hour a day surfing the web for personal use — perhaps looking at video or file-sharing websites, playing games or using social media websites such as Facebook.

It’s not just time that this activity could cost you. Analyst reports show that the number of malware and virus threats is increasing by more than 50 percent each year, and many of these destructive payloads can be inadvertently introduced to the network by employees.

"It’s very easy for a rootkit to be hidden in a game or a video clip, and a novice user may not notice anything out of the ordinary," warns Graham Titterington, a principal analyst with Ovum.

The best advice is to constantly update and patch your IT systems to ensure you are protected against new threats as they emerge, advises Paul Vlissidis, a technical director with NCC Group. "Don’t rely on monthly or quarterly security downloads," he says. "The time between vulnerabilities being discovered and then exploited is shrinking all the time, so it’s important to update patches and antivirus software regularly, and ideally layer several antivirus products rather than using just one."

There are now a staggering number of ways that information can be taken from your computer networks and released outside the organisation. Whether it’s an MP3 player, a CD-ROM, a digital camera or USB data stick, today’s employees could easily take a significant chunk of your customer database out of the door in their back pocket.

"These types of devices are effectively very portable, very high-capacity hard drives," says Andy Kellett, a senior research analyst with Butler Group. "Someone can walk away with up to 60GB of data on a USB stick, so it’s not a trivial matter."

Research conducted by Websense found that a quarter of UK workers who use PCs at work admit copying data onto mobile devices at least once a week. In addition, 40 percent say they use USB sticks to move data around, and a fifth have revealed their passwords to third parties

In addition, Kellett recommends considering whether to block access to web-based email and data-storage services, such as Gmail. "If someone can store confidential documents to an online storage site, that information is completely beyond your control," he says.

Finally, consider locking down networks to prevent wireless access using Bluetooth or Wi-Fi — except for authorised users with authorised devices. "Information loss over Bluetooth on an unsecured network is very difficult to detect indeed," says Kellett.