• Jamie Graves, CEO at ZoneFox


• 02.12.2016 11:15 am
security

Details are still a little fuzzy surrounding the Europol breach – par for the course with such a sensitive leak of information – but the one constant in all of the stories seems to be the use of an external device. This is extremely worrying for Interpol and any affiliated counter-terrorism organisations. 

The fact that such highly classified materials were freely available to be moved onto an external device and taken outside the immediate network should be of major concern, regardless of whether this should have been done or not by the individual employee. 

The thing is, these kinds of lapses in judgement with individuals will happen from time to time. You can and should educate them as much as possible to eliminate any poor security habits, but that's not fool proof. Ideally, Europol should have been monitoring their network through user behaviour analysis software.

By building up a profile of this officer and their usual behaviour, the system would have flagged that sensitive documents were being taken off the network and onto an external device in close to real-time. This may well have led to the incident being rectified and the officer dealt with before the aforementioned hard drive was connected to the internet for the rest of the world to discover.