Your best defense: Sunlight. The first step is to find out who's sucking up all the bandwidth and bring them into the light of day, says Melvin.
"These companies all have policies about what you can and can't do on their networks," he says. "The problem is they have no idea what people are actually doing, so the policies are completely unenforceable. Our solution is to bring these bandwidth vampires out into the sunlight and watch them melt."
Another option: Deploy software at the network gateway to dictate how much bandwidth each device will be allotted for YouTube, Facebook, and other nonbusiness applications, says Tim Naramore, CTO for Masergy, a provider of managed network services.
"To drive a stake through the heart of employee-owned devices you need to shift your network controls from the endpoints to the network," he says.
How to identify them: You don't -- they're invisible. But every so often they leave telltale traces behind.
Like Keyboard Zombies, Ghosts in the Machine put sensitive corporate data at risk -- but these malicious insiders are doing it on purpose and often for a profit. There are also two kinds of ghosts, says Symantec's Matthews: one seeking revenge, the other looking for a payday.
"The first kind is usually a good employee who's been doing good work, only something happened at work that caused them to be disgruntled," says Matthews. "The other kind is the opportunist. He's looking to rip off a company's intellectual property to start his own company or sell it to your competitors."
With the collapse of the Soviet empire, many old-school spies are turning to corporate espionage and recruiting operatives inside U.S. companies, says Matthews.
Your best defense: Who you gonna call? If the Ghostbusters aren't available, your next best bet is to sit down with HR on a regular basis and identify people who could potentially pose threats. It could be a middle manager who's been passed over for promotion or has been shortlisted for the next round of layoffs. It could be an employee who's traveling overseas far more often than normal, whose mortgage is underwater, or has a spouse with big medical bills -- essentially, the points of vulnerability that a veteran spy wrangler would attempt to exploit.
Once potential ghosts have been identified, IT pros can use a DLP system to flag anomalous behavior -- like if someone is accessing files they shouldn't or copying higher volumes of data than they normally would -- and bring it to HR's attention, says Matthews.
"Inevitably the motivation is either revenge or greed," he says. "They got their hands on some intel, and they're going to try and sell it to someone. They often fly under the radar. But living in a networked world as we do, we end up catching a lot of these people."
How to identify them: They're assembled from many parts and destroy everything in their path.
What's scarier than an ordinary hacker? A hacker with a social cause bolted onto his or her quasi-criminal activities. Whether they're graybeards or script kiddies, a determined group of hacktivists can wreak havoc with your data, your network, and your company's reputation -- at any time, for virtually any reason.
Just ask Sony, PayPal, HBGary, or any of the dozens of other corporations that have been publicly pwned by Anonymous and its offshoots. There's no telling what might set off Frankenhackers, and there's no way to persuade them to leave you alone once you're in their path of destruction.