search menu icon-carat-right cmu-wordmark

Insider Threat Blog

Real-World Work Combating Insider Threats

Latest Posts

Insider Threats in the Software Development Lifecycle

Insider Threats in the Software Development Lifecycle

• Insider Threat Blog
CERT Insider Threat Center

Developers often have full access to the source code of critical systems to do their job. This same access can also be used to insert logic bombs, sabotage the system, or siphon money from an organization. We have seen numerous cases of developers and system administrators exploiting parts of the software development lifecycle to commit their crimes. In this entry, we examine some recent cases involving developers who became malicious insiders....

Read More
Insider Threat Case Trends of Technical and Non-Technical Employees

Insider Threat Case Trends of Technical and Non-Technical Employees

• Insider Threat Blog
CERT Insider Threat Center

This is the second of two blog entries that explore questions we were asked during a recent meeting with leaders from the U.S. financial services sector. In this entry, we focus on what role malicious insiders typically hold in an organization: a non-technical position, a technical position, or both. "Non-technical" includes positions such as management, sales, and auditors. "Technical" includes positions such as system or database administrators, programmers, and helpdesk employees. "Both" includes overlapping jobs...

Read More
Insider Threat Case Trends for Employee Type and Employment Status

Insider Threat Case Trends for Employee Type and Employment Status

• Insider Threat Blog
CERT Insider Threat Center

We recently met with leaders from the U.S. financial services sector, and they asked a number of questions about recent trends in insider threat activities. We are often asked these types of questions, and we can answer many of them right away. Others require more extensive data mining in our case database. In this entry, we address the following question: Between current employees, former employees, and contractors, is one group most likely to commit these...

Read More
Interesting Insider Threat Statistics

Interesting Insider Threat Statistics

• Insider Threat Blog
CERT Insider Threat Center

Hello, my name is Joji Montelibano, and I work in the CERT Insider Threat Center. When members of our team give presentations, conduct assessments, or teach courses, one of the most common questions is, "Just how bad is the insider threat?" According to the 2010 CyberSecurity Watch Survey, sponsored by CSO Magazine, the United States Secret Service (USSS), CERT, and Deloitte, the mean monetary value of losses due to cyber crime was $394,700 among the...

Read More
A Threat-Centric Approach to Detecting and Preventing Insider Threat

A Threat-Centric Approach to Detecting and Preventing Insider Threat

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Chris King. Any organization that stores data about individuals has a responsibility to protect that information. We regularly hear news stories about celebrities' personal information being stolen and released to the media. Some of these leaks are caused by unauthorized individuals at organizations who are entrusted with confidential data. Recently, the media reported on an incident in which the confidential records of a contestant on a popular reality television show were improperly...

Read More
Insider Threat Deep Dive: IT Sabotage

Insider Threat Deep Dive: IT Sabotage

• Insider Threat Blog
CERT Insider Threat Center

This entry is the first in a series of "deep dives" into insider threat. Hi, this is Chris King from the CERT Insider Threat Center. Through the course of our research, we noticed that insiders couldn't be lumped into a single category. There are individuals who steal or commit fraud for profit, others who steal because of a sense of entitlement, and some who want to exact revenge against an organization simply because they are...

Read More
Welcome to the Insider Threat Blog

Welcome to the Insider Threat Blog

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Dawn Cappelli, technical manager of the Insider Threat Center at CERT. Thanks for taking the time to visit our new insider threat blog. As many of you know, we've been doing insider threat research since 2001. Our mission is to raise awareness of the risks of insider threat and to help identify the factors influencing an insider's decision to act, the indicators and precursors of malicious acts, and the countermeasures that will...

Read More