overview of
Download
Skip this Video
Download Presentation
Insider Attacks

Loading in 2 Seconds...

play fullscreen
1 / 8

Insider Attacks - PowerPoint PPT Presentation


  • 101 Views
  • Uploaded on

Overview of. Insider Attacks. Joe B. Taylor CS 591 Fall 2008. Introduction. Thriving defense manufacturing firm System administrator angered His role diminished with network he created Intimidates co-worker, obtains only backup tapes Terminated for abusive treatment of co-workers

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Insider Attacks' - lyris


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
overview of
Overview of

Insider Attacks

Joe B. Taylor

CS 591

Fall 2008

introduction
Introduction
  • Thriving defense manufacturing firm
    • System administrator angered
    • His role diminished with network he created
    • Intimidates co-worker, obtains only backup tapes
    • Terminated for abusive treatment of co-workers
    • Logic bomb deletes system
    • $10 Million in damage to the company
    • 80 employees laid off

Joe Taylor/Insider Attack

what is an insider attack
What is an Insider Attack?
  • Insider: person with legitimate access
  • Attack: harm or damage
  • Common goals
    • Sabotage
    • Theft of intellectual property
    • Fraud

Joe Taylor/Insider Attack

who are these insiders
Who are these Insiders?
  • The typical attacker
    • 32 years old
    • Male
    • Former full-time employee
    • System Administrator

Joe Taylor/Insider Attack

why do they attack
Why do they Attack?
  • Revenge
    • Termination
    • Disputes with employers
    • Demotions
    • Dissatisfaction with salary or bonuses
  • Greed
    • Most not in financial need
    • Outsiders persuade and pay for modifying data

Joe Taylor/Insider Attack

when do they attack
When do they Attack?
  • After a negative work-related event
  • After displaying concerning behavior at work
  • After planning the attack
  • After technical preparation

Joe Taylor/Insider Attack

how do we mitigate the risk
How do we mitigate the risk?
  • Awareness
    • Train employees on the importance of security
    • Train management on the warning signs
  • Prevention
    • Effective implementation of available protection
    • Expectation setting and positive intervention
  • Deterrence
    • Feedback to insiders about insider misuse
    • Publicize presence of capabilities to detect misuse

Joe Taylor/Insider Attack

references
References
  • Management and Education of the Risk of Insider Threat (MERIT): Mitigating the Risk of Sabotage to Employers’ Information, Systems, or Networks
  • Common Sense Guide to Prevention and Detection of Insider Threats: Version 2.1
  • Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors
  • The "Big Picture" of Insider IT Sabotage Across U.S. Critical Infrastructures
  • DoD Insider Threat Mitigation

Joe Taylor/Insider Attack

ad