icon-carat-right menu search cmu-wordmark

Secret Service and CERT Release Report Analyzing Acts of Insider Sabotage via Computer Systems in Critical Infrastructure Sectors

White Paper
This press release is the second in a series of reports focusing on insider threats to information systems and data in critical infrastructure sectors.
Publisher

Software Engineering Institute

Abstract

(Washington, DC) ― The United States Secret Service and the Carnegie Mellon Software Engineering Institute's CERT today announced the findings of the second Insider Threat Study report. According to the report, which analyzed acts of insider sabotage on computer systems in critical infrastructure sectors, the majority of insiders who committed the attacks were former employees, motivated at least in part by a desire to seek revenge and who were granted system administrator or privileged access when hired. The goal of the Insider Threat Study, made possible in part by financial support from the U.S. Department of Homeland Security's Science and Technology Directorate, is to better understand malicious insider activities affecting information systems and data in critical infrastructure sectors. The study is the first of its kind to provide a comprehensive analysis of insider actions by analyzing both the behavioral and technical aspects of the threats. "At a time when homeland security is more closely linked than ever to the protection of our nation's critical infrastructure, the Insider Threat Study serves as an important reminder for all of us to protect sensitive information by closely monitoring and safeguarding network usage and reporting suspected intrusions to security personnel and law enforcement as soon as a breach is detected," said United States Secret Service Director Ralph Basham.