Recently in Fraud Category
Hello, this is Todd Lewellen, information systems security analyst for the CERT Insider Threat Center. We recently conducted a cursory search through our MERIT database for case examples across different industry sectors. This search reminded us just how indiscriminately insider attacks can appear throughout public and private sectors. In other words, while certain insider attacks tend to manifest themselves more often in specific industry sectors, no sector is free from the actions of malicious insiders.
Continue reading Insider Threats Evident in All Industry Sectors
Hi, this is Randy Trzeciak of the CERT Insider Threat Center. Recently, we completed a study that revealed insights into the type of insiders who commit insider financial cyber fraud, how they do it, and what they steal. The study, funded by the U.S. Department of Homeland Security (DHS) Science and Technology Directorate, involved 80 real cases of insider cyber fraud in the financial services sector. We conducted the study working with the U.S. Secret Service, the U.S. Department of the Treasury, and project partners from the U.S. financial services sector.
Continue reading Study on Insider Cyber Fraud in Financial Services Released
Hi, this is Bill Claycomb and Alex Nicoll with installment 2 of a 10-part series on cloud-related insider threats. In this post, we present three types of cloud-related insiders and discuss one in detail—the “rogue administrator.” This insider typically steals the cloud provider’s sensitive information, but can also sabotage its IT infrastructure. The insider described by this threat may be motivated financially or by revenge.
Continue reading Insider Threats Related to Cloud Computing--Installment 2: The Rogue Administrator
The CERT Insider Threat Center has been busy this spring developing publications, presenting podcasts, and attending conferences to extend the knowledge and research we’ve collected into the public domain. This blog post contains a few highlights of recent accomplishments and a sneak peak of what we’re planning for the future.
Continue reading The CERT Insider Threat Center has been busy this spring.
The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) by Addison-Wesley Professional has recently been published. The book is available for purchase at Addison-Wesley’s InformIT website at http://www.informit.com/store/product.aspx?isbn=9780321812575.
Continue reading The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)
The term organized crime brings up images of mafia dons, dimly lit rooms, and bank heists. The reality today is more nuanced; especially as organized crime groups have moved their activities online. The CERT Insider Threat Center recently released a publication titled Spotlight On: Malicious Insiders and Organized Crime Activity. This article focuses on a cross-section of CERT’s insider threat data, incidents consisting of 2 or more individuals involved in a crime. What we found is that insiders involved in organized crime caused more damage (approximately $3M per crime) and bypassed protections by involving multiple individuals in the crime.
Continue reading Insiders and Organized Crime
This is the second of two blog entries that explore questions we were asked during a recent meeting with leaders from the U.S. financial services sector. In this entry, we focus on what role malicious insiders typically hold in an organization: a non-technical position, a technical position, or both. "Non-technical" includes positions such as management, sales, and auditors. "Technical" includes positions such as system or database administrators, programmers, and helpdesk employees. "Both" includes overlapping jobs such as IT managers.
Continue reading Insider Threat Case Trends of Technical and Non-Technical Employees
Hi, this is Chris King. Any organization that stores data about individuals has a responsibility to protect that information. We regularly hear news stories about celebrities' personal information being stolen and released to the media. Some of these leaks are caused by unauthorized individuals at organizations who are entrusted with confidential data. Recently, the media reported on an incident in which the confidential records of a contestant on a popular reality television show were improperly accessed by employees in multiple law enforcement agencies, a municipal court, a prosecutor’s office, and the state department of motor vehicles. These people were eventually identified and punished, but this incident should remind organizations that deal with confidential information that it is important to be proactive about monitoring for unauthorized access.
Continue reading A Threat-Centric Approach to Detecting and Preventing Insider Threat
The content on this site is made available on an "as is" basis without any warranties and solely for your personal viewing. Carnegie Mellon University is not liable for any consequences arising out of your use of such materials.