The U.S. Secret Service, in partnership with Carnegie Mellon Software Engineering Institute, Pittsburgh, released in May its latest Insider Threat Study (ITS): "Computer System Sabotage in Critical Infrastructure Sectors." A follow-on to its August 2004 report on illicit cyber activity in the banking and finance sector, the latest report found that at the time of the incident, 59% of the insiders were former employees or contractors of the organization, and 41% were current employees.
The study, which tracked 49 insiders, noted that 96% were male, 49% were married at the time of the incident, and just under one-third had an arrest record. A full 86% were employed in technical positions.
For the majority of insiders who committed acts of sabotage, the surrounding circumstances and the resultant acts of destruction followed similar paths:
* The attack was triggered by a negative work-related event.
* Insiders planned their attack in advance.
* When hired, perpetrators had been granted system administrator or privileged access (one-half did not have authorized access at the time of the incident).
* They used unsophisticated methods for exploiting systemic vulnerabilities in applications, processes and/or procedures.
* They compromised computer accounts, created unauthorized backdoor accounts, or used shared accounts in their attacks.
* They used remote access to carry out some of the attacks.
* The attacker was detected only after there was a noticeable irregularity in the information system, or when a system became unavailable.