Your best defense: Who you gonna call? If the Ghostbusters aren't available, your next best bet is to sit down with HR on a regular basis and identify people who could potentially pose threats. It could be a middle manager who's been passed over for promotion or has been shortlisted for the next round of layoffs. It could be an employee who's traveling overseas far more often than normal, whose mortgage is underwater, or has a spouse with big medical bills -- essentially, the points of vulnerability that a veteran spy wrangler would attempt to exploit.
Once potential ghosts have been identified, IT pros can use a DLP system to flag anomalous behavior -- like if someone is accessing files they shouldn't or copying higher volumes of data than they normally would -- and bring it to HR's attention, says Matthews.
"Inevitably the motivation is either revenge or greed," he says. "They got their hands on some intel, and they're going to try and sell it to someone. They often fly under the radar. But living in a networked world as we do, we end up catching a lot of these people."
What's scarier than an ordinary hacker? A hacker with a social cause bolted onto his or her quasi-criminal activities. Whether they're graybeards or script kiddies, a determined group of hacktivists can wreak havoc with your data, your network, and your company's reputation -- at any time, for virtually any reason.
Just ask Sony, PayPal, HBGary, or any of the dozens of other corporations that have been publicly pwned by Anonymous and its offshoots. There's no telling what might set off Frankenhackers, and there's no way to persuade them to leave you alone once you're in their path of destruction.
Worse, they may have friends on the inside, says Jason Mical, director of network forensics for AccessData, a digital investigations and litigation support firm.
"They are organized," he says. "They engage in information sharing. They are capable of large-scale collaboration, because they've established clear lines of communication. And honestly, any employee at any company or government agency could be a friend of a hacktivist or even a member of a hacktivist group."
Your best defense: You'll need more than torches and pitchforks -- or antimalware and intrusion prevention systems -- to fight off Frankenhackers, says Mical.