Sunday, March 22, 2009

Will Economic Hard Times Heighten the Insider Threat? The Safe Assumption is "Yes."


Police chiefs in the United States say the economic downturn is fueling a rise in crime and warn that cuts to their budgets could handcuff their efforts to tackle it ... Of 233 police agencies surveyed by the Police Executive Research Forum, a Washington-based law enforcement organization, 44 percent reported a rise in certain types of crime they attributed to the United States' worst economic and financial crisis in decades. Reuters, 1-27-09

Will Economic Hard Times Heighten the Insider Threat? The Safe Assumption is "Yes."

Economic hard times result in a rise in crime rates on the streets of physical space, and there is reason to expect a similar rise in crime rates on the digital street, particularly, in regard to insider attacks.

A recent indictment has drawn renewed attention to the issue:

An IT contract employee who formerly worked at an oil and gas production company in Long Beach, Calif., was indicted yesterday on charges of sabotaging a computer system he helped set up because the company did not offer him a permanent job.
The case is the latest to highlight the challenge that businesses face in trying to protect corporate systems and networks from rogue insiders and those with privileged access to systems, such as contractors and business partners. Security analysts have warned about the heightened threats such users pose to corporations because of the broader disgruntlement resulting from layoffs and other belt-tightening steps companies have taken during the recession.
Computerworld, 3-18-09

To read the indictment, click here.

To brush up on your knowledge of the insider threat and how to address it proactively, look into the third edition of CERT's Common Sense Guide to Prevention and Detection of Insider Threats, and its empirically-based insider threat risk assessment diagnostic. (These resources and other elements of CERT's insider threat research have received significat CyLab funding.)

As Dawn Cappelli, technical lead on CERT's insider threat research, explained in a CyLab Chronicles interview: "The insider threat diagnostic enables organizations to gain a better understanding of actual insider threat activity and an enhanced ability to assess and manage associated risks. It merges technical, organizational, personnel, and business security and process issues into a single, actionable framework."

For the full interview, and links to relevant publications and other resources, click here.

-- Richard Power