search menu icon-carat-right cmu-wordmark

Spotlight On: Programmers as Malicious Insiders–Updated and Revised

White Paper
In this paper, the authors describe the who, what, when, where, and how of attacks by insiders using programming techniques and includes case examples.

Software Engineering Institute


This white paper updates the 2008 article "Spotlight On: Programming Techniques Used as an Insider Attack Tool." The white paper begins with a discussion of the who, what, when, where, and how of insider attacks and covers case examples of malicious insiders who attacked using programming techniques. This paper highlights technical malicious insiders who use their skills to create scripts or programs that harm their organizations. The insiders in these attacks were able to modify source code, set logic bombs to destroy data, and write programs to capture user credentials.