|
 |
 |
 
|
|
 |
 What is Insider Threat?
Protecting sensitive information from unauthorized manipulation and disclosure by its insiders has become a major concern for organizations worldwide. Current and former employees, executives, contractors and other insiders pose a substantial threat due to their knowledge and authorized access to corporate internal systems and data. These individuals may act on their own driven by revenge or dissatisfaction with company management. Yet, many of the insider crimes are executed for financial gain in concert with outsiders such as identity thieves, organized crime groups or competitors.
Historically, companies focused on protecting their information systems and assets against intruders and hackers from the outside. Almost every corporation has implemented security tools for protecting its perimeter including firewalls, intrusion detection, anti-virus, anti-spam, anti-spyware and other tools. Today, there is an emerging threat to corporate security that comes from inside the organization.
Insider threats are more difficult to detect than external threats. The individuals perpetrating the crime are authorized to access corporate sensitive data in the course of their daily work. Identifying an individual who is misusing the data he is allowed to access is much more complicated than detecting or blocking access of an unauthorized external person. Moreover, because polices and procedures are often loosely followed, it is hard to know at what point a line has been crossed.
In the past two years, several surveys have been performed on the issue of the Insider Threat. One of the most known studies on Insider Threat was conducted by the US Secret Service National Threat Assessment Center and the CERT Coordination Center of the Carnegie Mellon University’s Software Engineering Institute in 2005. According to this survey, the typical employee who commits fraud has many years with the company, is an authorized user, is in a non-technical position, has no record of being a problem employee, uses legitimate computer commands to commit the fraud and does so mostly during business hours.
Following are the main findings of this survey and links to other surveys on the Insider Threat.
 |
Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector |
|
By: the US Secret Service and the CERT Coordination Center of the Carnegie Mellon University
Finding 1: Most incidents required little technical sophistication
Finding 2: Perpetrators planned their actions
Finding 3: Financial gain motivated most perpetrators
Finding 4: Perpetrators did not share a common profile
Finding 5: Incidents were detected by various methods and people
Finding 6: Victim organizations suffered financial loss |
|
Read more.. |
|
|
Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors |
|
By: The US Secret Service and the CERT Coordination Center of the Carnegie Mellon University
“Insiders can be stopped, but stopping them is a complex problem. Insider attacks can only be prevented through a layered defense strategy consisting of policies, procedures, and technical controls.“ |
|
Read more.. |
|
|
ACFE’s 2006 Report to the Nation on Occupational Fraud and Abuse |
|
By: Association of Certified Fraud Examiners (ACFE)
Organizations suffer tremendous costs as a result of occupational fraud and abuse. The typical U.S. organization loses 5% of its annual revenues to fraud. Applied to the estimated 2006 US Gross Domestic Product, this translates to approximately $652 billion in fraud losses. |
|
Read more.. |
|
|
2005 CSI/FBI Computer Crime And Security Survey |
|
By: Computer Security Institute (CSI) with the participation of the San Francisco FBI Computer Intrusion Squad.
"Two specific areas (unauthorized access to information and theft of proprietary information) did show significant increases in average loss per respondent." |
|
Read more.. |
|
|
Deloitte’s 2005 Global Security Survey |
|
By: Deloitte & Touche LLP
“Internal security breaches have overtaken external IT attacks as the biggest threat to financial institutions as hackers switch their focus from technology to people”.
“…the extent of internal breaches more than doubled with 35% of respondents encountering attacks from the inside within the last 12 months, compared to only 14% the year before.” |
|
Read more.. |
|
| Insider Threat Cases and Articles |
|
|
ChoicePoint to Pay $15M Over Data Breach |
|
Jan. 26, 2006 |
|
ChoicePoint Agrees to Pay $15M to Settle Charges That Company Violated Consumers' Privacy Rights |
|
Read more.. |
|
|
The biggest bank security breach in U.S. history |
|
May 23, 2005 |
|
Bank of America Corp. and Wachovia Corp. are among the big banks notifying more than 670,000 customers that account information was stolen in what may the biggest security breach to hit the banking industry. |
|
Read more.. |
|
|
Man arrested for DoCoMo data leak |
|
Apr. 22, 2005 |
|
A 41 year old man has been arrested in Japan on suspicion of leaking personal data of around 24,600 NTT DoCoMo mobile subscribers. |
|
Read more.. |
|
|
Former AOL Employee Sold 92 Million Screen Names to Spammers |
|
Feb. 5, 2005 |
|
A former America Online Inc. software engineer pleaded guilty Friday to stealing 92 million screen names and e-mail addresses and selling them to spammers. |
|
Read more.. |
|
|
Invitation To Steal |
|
Feb. 1, 2005 |
|
The more you automate your critical business processes, the more vigilant you need to be about protecting against fraud. |
|
Read more.. |
|
|
Ex-Teledata employee pleads guilty in massive ID theft case |
|
Sep. 15, 2004 |
|
A former help desk employee at Teledata Communications Inc. pleaded guilty yesterday in a massive scheme to steal the identities of up to 30,000 people, according to U.S. Attorney David Kelley. |
|
Read more.. |
|
|
