Transaction Search Form: please type in any of the fields below.
Date: April 30, 2024 Tue
Time: 2:47 am
Time: 2:47 am
Results for insider threats
3 results foundAuthor: King, Chris Title: Spotlight On: Malicious Insiders and Organized Crime Activity Summary: The term organized crime brings up images of mafia dons, dimly lit rooms, and bank heists. The reality today is more nuanced; especially as organized crime groups have moved their activities online. This article focuses on a cross-section of CERT’s insider threat data, incidents consisting of 2 or more individuals involved in a crime. What we found is that insiders involved in organized crime caused more damage (approximately $3M per crime) and bypassed protections by involving multiple individuals in the crime. As organized crime has made its way online, it has become a significant source of fraud and embezzlement. Several recent news articles have raised awareness of this threat. The online crimes are often committed by individuals inside the organization who are attempting to bypass increasingly sophisticated fraud prevention controls. Analysis of multiple cases of insiders and organized crime has shown that the incidents fall into two primary categories: insiders either formed their own groups to bypass controls, or were recruited by established organized crime groups for a particular task in the commission of a crime. Details: Pittsburgh, PA: Carnegie Mellon University, Software Engineering Institute, 2012. 20p. Source: Internet Resource: Accessed September 27, 2012 at: www.cert.org/archive/pdf/12tn001.pdf Year: 2012 Country: United States URL: Shelf Number: 126469 Keywords: CybercrimeEmbezzlementFraudInsider ThreatsOrganized Crime |
Author: Cummings, Adam Title: Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector Summary: This report describes a new insider threat study funded by the U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T) in collaboration with the U.S. Secret Service (USSS) and the CERT Insider Threat Center, part of Carnegie Mellon University's Software Engineering Institute. Researchers extracted technical and behavioral patterns from 67 insider and 13 external fraud cases; all 80 cases occurred between 2005 and the present. Using this information, we developed insights and risk indicators of malicious insider activity within the banking and finance sector. This information is intended to help private industry, government, and law enforcement more effectively prevent, deter, detect, investigate, and manage insider threats in this sector. Details: Pittsburgh, PA: Carnegie Mellon University, Software Engineering Institute, 2012. 76p. Source: Internet Resource: Accessed September 27, 2012 at: http://www.sei.cmu.edu/library/abstracts/reports/12sr004.cfm Year: 2012 Country: United States URL: http://www.sei.cmu.edu/library/abstracts/reports/12sr004.cfm Shelf Number: 126470 Keywords: CybercrimeFinancial FraudInsider Threats |
Author: Randazzo, Marisa Reddy Title: Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector Summary: Current and former employees, contractors, and other organizational “insiders” pose a substantial threat by virtue of their knowledge of and access to their employers’ systems and/or databases and their ability to bypass existing physical and electronic security measures through legitimate means. Previous efforts to study insider incidents have focused on convenience samples and narrow areas of industry and have not examined the incidents from both behavioral and technical perspectives simultaneously. These gaps in the literature have made it difficult for organizations to develop a comprehensive understanding of the insider threat and address the issue from an approach that draws on human resources, corporate security, and information security perspectives. The Secret Service National Threat Assessment Center and the CERT Coordination Center of Carnegie Mellon University’s Software Engineering Institute joined efforts to conduct a unique study of insider incidents, the Insider Threat Study (ITS), examining actual cases identified through public reporting or as a computer fraud case investigated by the Secret Service. Each case was analyzed from a behavioral and a technical perspective to identify behaviors and communications in which the insiders engaged—both online and offline—prior to and including the insiders’ harmful activities. Section 1 of this report presents an overview of the ITS, including its background, scope, and study methods. Section 2 reports the findings and implications specific to research conducted on insider threat cases in the banking and finance sector. Details: Pittsburgh, PA: Carnegie Mellon University, Software Engineering Institute, 2005. 36p. Source: Internet Resource: Accessed October 7, 2012 at http://www.sei.cmu.edu/reports/04tr021.pdf Year: 2005 Country: United States URL: http://www.sei.cmu.edu/reports/04tr021.pdf Shelf Number: 126569 Keywords: Corporate CrimeCybercrimeFinancial FraudInsider ThreatsRisk Management |