Signup For Specials, Security Alerts, & News!

© 2009-2020 -MS CYRIGO INC. All Rights Reserved| The certification names are the trademarks of their respective owners.   
  Cookie Policy | Privacy PolicyTerms of Use | Refund Policy | Reschedule Policy | Disclaimer

Trend Micro Insider Threat Incident

Every week, in some instances, daily, large companies continually endure data breaches. Consumers suffer at the hands of companies they trusted with their personal data because the consequences are not severe enough for companies to implement the appropriate security controls that would minimize risk.

Planning for cyber-attacks that are often the result of employees and other insiders need prevention methods implemented. Least privilege should be implemented for employees of all organizations as they have access to proprietary systems. Often these individuals may bypass security measures through genuine access. Because of the complexity of each role and access their characteristics differ.

Trend Micro Discloses Insider Threat

We recently became aware of a security incident that resulted in the unauthorized disclosure of some personal data of an isolated number of customers of our consumer product. We immediately started investigating the situation and found that this was the result of a malicious insider threat. The suspect was a Trend Micro employee who improperly accessed the data with a clear criminal intent. We immediately began taking the actions necessary to ensure that no additional data could be improperly accessed, and have involved law enforcement.

Our open investigation has confirmed that this was not an external hack, but rather the work of a malicious internal source that engaged in a premeditated infiltration scheme to bypass our sophisticated controls.

In early August 2019, Trend Micro became aware that some of our consumer customers running our home security solution had been receiving scam calls by criminals impersonating Trend Micro support personnel. The information that the criminals reportedly possessed in these scam calls led us to suspect a coordinated attack.

Although we immediately launched a thorough investigation, it was not until the end of October 2019 that we were able to definitively conclude that it was an insider threat. A Trend Micro employee used fraudulent means to gain access to a customer support database that contained names, email addresses, Trend Micro support ticket numbers, and in some instances telephone numbers. There are no indications that any other information such as financial or credit payment information was involved, or that any data from our business or government customers was improperly accessed.

Our investigation revealed that this employee sold the stolen information to a currently unknown third-party malicious actor. We took swift action to contain the situation, including immediately disabling the unauthorized account access and terminating the employee in question, and we are continuing to work with law enforcement on an ongoing investigation.

Five best practices that should be used in the creation of your Insider Program:

  • Know and protect your critical assets

  • Develop a formalized insider threat program

  • Deploy solutions for monitoring employees actions and correlating information from multiple data sources

  • Clearly document and consistently enforce policies and controls

  • Incorporate malicious and unintentional insider threat awareness into periodic security training for all employees

The basic function of an insider threat program is to protect the assets that provide your organization with a competitive advantage.

#trendmicro #insiderthreat #securityincident #compliance #prevention #securityassessment #risk #MSCyRIGo

Source: Trend Micro Discloses Insider Threat Impacting Some of its Consumer Customers



PO BOX 72314


  • Facebook Social Icon
  • Twitter Social Icon
  • LinkedIn Social Icon
  • Instagram

Certifications and Accreditations:

MS CYRIGO Inc. is affiliated with and actively engaged in many professional and industry organizations..  A service-disabled veteran and minority women-owned small business, we have contract vehicles to assist military, government, and private sector cyber security infrastructure needs.