By: Taysha Johnson

What is an insider threat? 1.A current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system or data 2.Intentionally exceeding or misusing that access in a manner that negatively affected the confidentiality integrity or availability of the organizations information or information systems

Why is this a problem? Most difficult to deal with because insiders have information and capabilities that “external attackers” may not be able to obtain. Most serious security problem within organizations

The dangers of employees Employee Sabatoge : Destroying hardware, software, or data. Plant time bomb or logic bomb on computer Employee Hacking: Intentionally accessing a computer resource without authorization or in excess of authorization

Types of attatcks Computer and internet abuse Extortion Financial theft Property theft Data loss Trade Secrets

Computer and internet insider threats Unauthorized access to confidential or non personal information Activities that violate a company's policies about their IT use Downloading pornography Downloading pirated music, video or software Surfing the internet for personal purposes on companys time

Employee extortion Employee using ability to damage systems or access confidential information to extort the company

What is employee extortion? The perpetrator tries to acquire money or other goods by threatening to take actions that would be against the victims interest Example : Employee steal information from a company’s computer and request money to not leak it out to other competitors.

Financial theft 2 different types 1. Finacnial theft Involves misuse of assets or theft of money 2. Intellectual property theft Information owned by company Protected by law Trade secrets, Copyrights, Patents, Trade Names and Trademarks

Data loss Getting rid of computers with hard drives not removed Loss of wireless technology Loss of optical disks Loss of USB RAM drives

Trade secret Pieces of delicate information that a company acts to keep secret For example: blueprints, strategies, product formulations business processes, price lists, customer lists, and any other type of information that the company wants to keep top secret from competitors

PREVENTING ATTACKS…

Why your own employees can be threatening All employees are potential threats because of their knowledge. Employees know the systems in and out meaning they can access any information. They have the authorizations to get into the sensitive areas of a system Employees are not suspicious because most companies tend to trust their employees so they are able to avoid detection

Why might you want to learn how to prevent insider threats? TO AVOID…… Loss or compromise of classified information (Secret Service) Weapons system cloned, destroyed or countered ( US military) Loss of technological advantage (NASSA) Financial loss (Large Franchise Bank) LOSS OF LIFE

Preventing employee insider threat Introduce strict rules on authorization for passwords and codes to log into secure or private systems Focus on three main areas: Hiring Supervising Firing Practice in these areas will lessen the severity of insider threats! If they are all done to perfection.

How to prevent insider threats as an employee Reporting suspicious behavior that may have been related to a classified topic Be aware of the actions around you

How to prevent insider threats as management Inform employees that they are the first line of defense against insider threats. Delegate specific job responsibilities and data access rights Present firm policies to manage accounts and passwords Monitor and collect employee activity logs in real time

Suspicious Behaviors Keeping classified materials in an unauthorized location Discussing classified materials on a non secure phone

Suspicious behavior cont. Repeated or un-required work outside of normal duty hours Sudden change of financial situation or sudden repayment of large debts or loans Trying to conceal travel outside of country

U.S. CASES qbw

Cases involving insiders…. Michael Mitchell Was fired from his job due to poor performance, however he concealed numerous computer files with his employers trade secrets than entered into a consulting agreement with a Korean firm and gave them the stolen trade secrets. He was sentenced to 18 months in prison and was ordered to pay his former employer over $187,000

Cases involving insiders… Chi Mak Sent to the US in 1978 by China to obtain employment in the defense industry with the goal of stealing US defense secrets which he did for over 20 ye ars. Mak was convicted of conspiracy, falling to register as an agent of a foreign government and many others. He was sentenced to 24 years in prison.

Works cited

THE END !!!! =)