search menu icon-carat-right cmu-wordmark

Insiders and Organized Crime

CERT Insider Threat Center
• Insider Threat Blog
CERT Insider Threat Center

The term organized crime brings up images of mafia dons, dimly lit rooms, and bank heists. The reality today is more nuanced; especially as organized crime groups have moved their activities online. The CERT Insider Threat Center recently released a publication titled Spotlight On: Malicious Insiders and Organized Crime Activity. This article focuses on a cross-section of CERT's insider threat data, incidents consisting of 2 or more individuals involved in a crime. What we found is that insiders involved in organized crime caused more damage (approximately $3M per crime) and bypassed protections by involving multiple individuals in the crime.

As organized crime has made its way online, it has become a significant source of fraud and embezzlement. Several recent news articles have raised awareness of this threat. The online crimes are often committed by individuals inside the organization who are attempting to bypass increasingly sophisticated fraud prevention controls. Analysis of multiple cases of insiders and organized crime has shown that the incidents fall into two primary categories: insiders either formed their own groups to bypass controls, or were recruited by established organized crime groups for a particular task in the commission of a crime.

If you are interested in reading more about insiders and organized crime, including potential countermeasures, check out the article


[Krebs 2009]
Krebs, Brian. Organized Crime Behind a Majority of Data Breaches. 2009.

[Goldman 2011]
Goldman, David. The Cyber Mafia Has Already Hacked You. 2011.

[Wong 2012]
Wong, Arthur. Beware Cyber Crime Gangs: Is Your Bank's Web Site Safe?. 2012.

About the Author