insiderthreat_it2008

insiderthreat_it2008 - I nsider T hreat S tudy: I llicit C...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: I nsider T hreat S tudy: I llicit C yber A ctivity in the Information Technology and Telecommunications S ector Eileen Kowalski Dawn Cappelli National Threat Assessment Center Andrew Moore United States Secret Service CERT Program Washington, DC Software Engineering Institute Carnegie Mellon University Pittsburgh, PA January 2008 U.S. Secret Service and CERT/SEI Insider Threat Study: Illicit Cyber Activity in the Information Technology and Telecommunications Sector Page 2 TABLE OF CONTENTS SECTION 1: INTRODUCTION............................................................................4 The Insider Threat to Critical Infrastructures ............................................................................. 5 The Efforts to Develop Information on the Insider Threat Issue................................................ 6 The Secret Service/CERT Collaboration.................................................................................... 8 The Insider Threat Study ............................................................................................................ 9 Overview of Findings in the IT Sector ..................................................................................... 13 Organization of the Report........................................................................................................ 14 SECTION 2: KEY FINDINGS OF THE INSIDER THREAT STUDY OF ILLICIT CYBER ACTIVITY IN THE IT SECTOR........................................15 The Insiders............................................................................................................................... 15 Characteristics....................................................................................................................... 15 Motives ................................................................................................................................. 17 The Target Organizations ......................................................................................................... 18 The Attacks............................................................................................................................... 19 Pre-attack Behaviors and Planning....................................................................................... 19 Advancing the Attacks.......................................................................................................... 21 Detecting the Attacks............................................................................................................ 23 The Consequences of the Attacks............................................................................................. 25 For the Insiders ..................................................................................................................... 25 For the Target Organizations ................................................................................................ 27 SECTION 3: IMPLICATIONS OF THE KEY FINDINGS FOR THE...
View Full Document

Page1 / 59

insiderthreat_it2008 - I nsider T hreat S tudy: I llicit C...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online