All posts by James B. Morris

Jim Morris is a software developer, computer systems architect, businessman, and serial entrepreneur with over 40 years of experience, most recently at FullSecurity Corporation researching solutions for microservices architectures and secure data-storage systems that are immune to external infection by malware and resistant to theft by malicious insiders. He has started and sold a successful technology company, did very early research (1970s) in OO programming languages at the Los Alamos National Laboratory, and was an associate professor of computer science at Purdue. His areas of interest are cryptography, software development, operating systems, and hacking methodology. He has a Ph.D. in Computer Science and a B.S. in Electrical Engineering, both from the University of Texas at Austin
security concept  with a lock

Insider Attacks Are A Bigger and Harder Threat?

There is a new trend apparently emerging to defend against data loss and data damage as a result of external hacking. Some organizations have been removing their sensitive data from the Internet or isolating such data on “private” networks. This trend reminds me of Willie Sutton’s answer when he was asked, “Why do you rob banks?” His answer was, “Because that’s where the money is.” If this trend is real and if it spreads further, expect the hackers to simply move from external hacking to insider hacking. If you ask a hacker, “Why do you rob computer systems?”, he or she would likely answer, “Because that’s where the data is.” I doubt hackers care whether it requires an external hack or an insider hack. As you will see later, removing or isolating sensitive data from the Internet has apparently not stopped the CIA from being either the hack-er or the hack-ee. Continue reading