The CyberSafe at USPS team wants employees to know that sometimes co-workers and vendors can pose cyberthreats to organizations just like outside hackers.
Hollywood has portrayed these individuals — known as “insider threats” — in movies and TV shows for years. While these storylines and characters are meant to entertain audiences, insider threats are a real-life problem for many organizations, including the Postal Service.
Insider threats often are employees, contractors or business partners who are negligent or malicious in their use of USPS systems access. They’re particularly dangerous because the compromised access could harm critical postal systems or result in stolen data.
There are three types of insider threats to watch out for:
• Accidental threats, which can occur by mistake when USPS-issued equipment has been lost, stolen, tampered with, or hit with a “social engineering” attack. Don’t be afraid to report these incidents. Any delay could compromise USPS data.
• Malicious threats, such as disgruntled employees who deliberately steal or sabotage data.
• Third-party threats, including Postal Service business partners or vendors that suffer an online attack that unintentionally compromises the postal network or data.
To report insider threat activity, email the Cybersecurity Operations Center at CyberSafe@usps.gov or call 866-877-7247.