Apple has always been great at keeping its projects a secret until the company is ready to do a massive Steve Jobs-esque reveal.

Regrettably, after falling victim to the ever-looming insider threat, Apple’s latest secret is out in the open. The company was forced to reveal its activities to win a lawsuit against former employees — so we won’t get to have our socks knocked off with this one.

Here is the full story, plus what you need to know about protecting your organization (and its secrets) from insider threats.

Apple falls victim to insider threats

The insider in question, Xiaoling Zhang, a former Apple employee, has pleaded guilty to accusations brought against him for stealing trade secrets from Apple.

Most recently, Zhang was working as a hardware engineer on Apple’s autonomous vehicle team. The team is working on Apple’s autonomous car project, which, until now, was a secret that Apple guarded very closely.

After a sudden resignation that followed a vacation to China, Apple started to suspect that Zhang might be stealing trade secrets and blocked Zhang’s access to the network.

Eventually, the company’s suspicions were confirmed, and evidence of Zhang’s wrongdoing was brought to light.

Among the data Zhang accessed as an insider are autonomous vehicle engineering schematics, reference manuals, and PDFs of prototypes and requirements.

Now, Zhang faces ten years in prison and a quarter-million-dollar fine, but the damage is done — Apple’s secret is out. This damage is worth a lot more than the punishment meted out to Zhang.

Insider threats are on the rise

Incidents relating to insider threats are mounting.

As a matter of fact, Constella recently surveyed 100 executives, and the survey results show that cybersecurity leaders agree that insider threats remain the biggest security threat facing many organizations.

Insider threats stem from employees who compromise critical data from within an organization, usually for personal monetary gain (malicious insiders) and sometimes unknowingly (negligent insiders).

In Apple’s case, Zhang may be labeled as a malicious insider. However, unintentional insider threats are just as significant a risk. Research suggests that negligent insiders cause 50% to 75% of insider threat events.

So, how should organizations protect their data from within? We’re glad you asked — let’s find out.

How to protect against insider threats

There are two primary ways for you to safeguard your data against both malicious and unintentional insider threats, namely:

  1. Take control of your data (even beyond the company boundaries)
  2. Empower employees and eliminate unintentional breaches

Security teams can implement both recommendations faster than you might expect, securing your organization against insider threats so your team can collaborate safely.

How to take control of your data

You can find various data protection solutions online, but to truly control your data, you need a solution that will allow you to monitor, track, target, and block potential threats inside your company and out.

With ITsMine’s agentless BeyondDLP™ solution, you can monitor, track, and control your data anywhere (even in the cloud or outside your organization’s boundaries) using FileGPS™ technology and ITsMine’s File Time Bomb feature.

Plus, detect and prevent malicious threats with Software Mines™.

Setting up a data loss prevention solution like BeyondDLP™ protects your data from insider threats and other security risks, such as ransomware.

How could this have helped Apple?

Let’s use the schematics or prototype PDFs as an example. As Zhang started to veer towards malice, FileGPS™ would detect the unauthorized use of these files outside of the predetermined Safe Zones.

He could be flagged and monitored, and the files could quickly be recovered and protected. Any sensitive files already exfiltrated could be destroyed using the File TimeBomb feature.

Visit ITsMine’s website to learn more about the platform.

How to eliminate unintentional insider breaches

Hackers understand that any security operation is only as strong as its weakest link, and unintentional breaches occur when a team lacks general security awareness.

A lack of security training allows malicious third parties to exploit unknowing insiders through common cyberattacks like malware or phishing.

Preventing these attacks and protecting your data and your team requires some cybersecurity training. Here, you can take the traditional route and host a recurring workshop that educates your staff with enhanced insider threat training, or you can opt for a more proactive approach — using a solution that offers integrated security awareness training campaigns.

ITsMine’s BeyondDLP™ platform offers employee-centric protection that actively engages employees to prevent unintentional leaks.

Integrating a data loss prevention solution lets you detect and prevent data breaches and obtain forensic evidence against internal offenders, which is perfect for dealing with malicious employees like Zhang.

Final thoughts

Addressing insider threats is crucial, and ignoring the risk presents a catastrophic danger. 

Just imagine if Zhang had pulled it off, taken on Apple’s AV department, and come out ahead.

To protect your data from insider threats, remember to:

  1. Control your data (everywhere); and
  2. Educate your team

If you want to learn more about insider threats, check out our insider best practice guide.

