Today’s world has seen databases integrated into most of the businesses, institutions, and organizations that we interact with on a daily basis. For this reason, databases are often exposed to threats from both within the organization and from outside; some accidental while others are malicious. The fundamental difference between internal security threats and external ones is the identity of the attacker and the origin of the attack. External security threats come from invaders while internal security threats come from saboteurs. Invaders act from outside the organization and must breach the outer defenses to reach the database. On the other hand, saboteurs operate from within the organization and will often bypass the exterior defenses. Internal attacks are likely to be more damaging because they come from individuals with trusted access to the database.
Internal security threats could be accidental or intentional. For instance, an individual with access to a database may copy information from the database into an email for official purposes and accidentally include external email addresses. Intentional attacks from inside the organization often steal or modify specific sets of data for a variety of reasons. For instance, disgruntled employees may steal company information that is privileged and sell it to competitors (or in the black market) or use it to blackmail their boss. For example, Edward Snowden stole classified information while working for the Central Intelligence Agency (CIA) and leaked it to the media and sought asylum with the Russian government. External attacks come from skilled and sophisticated hackers that use vulnerabilities in the database security to bypass network defenses. An example of an external attack is the Equifax data breach that happened in 2017 where critical personal data that included social security numbers of more than 143 million people was stolen through unauthorized access.
Delegate your assignment to our experts and they will do the rest.
