search menu icon-carat-right cmu-wordmark

Insider Threat Blog

Real-World Work Combating Insider Threats

Latest Posts

Insider Threats Related to Cloud Computing--Installment 4: Using the Cloud to Conduct Nefarious Activity

Insider Threats Related to Cloud Computing--Installment 4: Using the Cloud to Conduct Nefarious Activity

• Insider Threat Blog
CERT Insider Threat Center

A third type of cloud-related insider is one who uses cloud services to carry out an attack on his own employer. This type of insider is similar to the previous type who targets systems or data in the cloud. In contrast, the third type of insider uses the cloud as a tool to carry out an attack on systems or data targeted, which are not necessarily associated with cloud-based systems....

Read More
Insider Threats Related to Cloud Computing--Installment 3: Insiders Who Exploit Cloud Vulnerabilities

Insider Threats Related to Cloud Computing--Installment 3: Insiders Who Exploit Cloud Vulnerabilities

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Bill Claycomb and Alex Nicoll with installment 3 of a 10-part series on cloud-related insider threats. In this post, we discuss a second type of cloud-related insider threat: those that exploit weaknesses introduced by use of the cloud. Last week we discussed the rogue administrator, one type of cloud-related insider threat. A second type of cloud-related insider threat, often overlooked by security researchers, is the insider who exploits vulnerabilities exposed by the...

Read More
Insider Threats Related to Cloud Computing--Installment 2: The Rogue Administrator

Insider Threats Related to Cloud Computing--Installment 2: The Rogue Administrator

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Bill Claycomb and Alex Nicoll with installment 2 of a 10-part series on cloud-related insider threats. In this post, we present three types of cloud-related insiders and discuss one in detail--the "rogue administrator." This insider typically steals the cloud provider's sensitive information, but can also sabotage its IT infrastructure. The insider described by this threat may be motivated financially or by revenge....

Read More
Insider Threats Related to Cloud Computing--Installment 1: Introduction

Insider Threats Related to Cloud Computing--Installment 1: Introduction

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Bill Claycomb, lead research scientist for the CERT Insider Threat Center and Alex Nicoll, technical team lead for Insider Threat Technical Solutions and Standards. Over the next few months, we will discuss, in a series of blog posts, problems related to insiders in the cloud, defending against them, and researching approaches that could help solve some of these problems....

Read More
Pay Attention: Are Your Company Secrets at Risk from Insiders?

Pay Attention: Are Your Company Secrets at Risk from Insiders?

• Insider Threat Blog
CERT Insider Threat Center

For years the CERT Insider Threat Center has been studying organizations' current and former employees, contractors, and trusted business partners who steal intellectual property (IP) from their organizations. We have published reports that detail the problem: who does it, why, when, how, etc. We have also published reports on mitigation strategies based on our analysis of the problem. (Links to the reports are at the bottom of this post). These strategies focus on the detection...

Read More
The CERT Insider Threat Center has been busy this spring.

The CERT Insider Threat Center has been busy this spring.

• Insider Threat Blog
CERT Insider Threat Center

The CERT Insider Threat Center has been busy this spring developing publications, presenting podcasts, and attending conferences to extend the knowledge and research we've collected into the public domain. This blog post contains a few highlights of recent accomplishments and a sneak peak of what we're planning for the future....

Read More
The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)

The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)

• Insider Threat Blog
CERT Insider Threat Center

The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) by Addison-Wesley Professional has recently been published. The book is available for purchase at Addison-Wesley's InformIT website at http://www.informit.com/store/product.aspx?isbn=9780321812575....

Read More