insider threat

Insider threats are often disgruntled employees or ex-employees who believe that the business, institution, or agency has "done them wrong" and feel justified in gaining revenge. The malicious activity usually occurs in four steps or phases. First, the cracker gains entry to the system or network. Secondly, the cracker investigates the nature of the system or network in order to learn where the vulnerable points are and where the most damage can be caused with the least effort. Thirdly, the cracker sets up a workstation from which the nefarious activity can be conducted. Finally, the actual destructive activity takes place.

The damage caused by an insider threat can take many forms, including the introduction of viruses, worms, or Trojan horses; the theft of information or corporate secrets; the theft of money; the corruption or deletion of data; the altering of data to produce inconvenience or false criminal evidence; and the theft of the identities of specific individuals in the enterprise. Protection against the insider threat involves measures similar to those recommended for Internet users, such as the use of multiple spyware scanning programs, anti-virus programs, firewalls, and a rigorous data backup and archiving routine.

Read more about insider threat: - The Research Foundation at Texas A&M University discusses the insider threat. - Carnegie Mellon Software Institute has conducted a study of the insider threat in banking and finance. - Intrusic outlines how malicious hackers compromise information systems and offers solutions.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

BROWSE BY TAG Security Awareness Training and Internal Threats,   Information Security Management,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Twitter risks, Facebook threats trouble security pros Security can't slow down the Twitter phenomenon, but it can take steps to prevent data leakage. Social engineering training could disrupt botnet growth Security pros should address social engineering attacks with end users, helping them identify the tactic and possibly have an impact on botnet... How to write a risk methodology that blends business, security needs One security professional describes a homegrown risk methodology currently being used by a large university and a private corporation.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary dumpster diving  (SearchSecurity.com) Honeynet Project  (SearchSecurity.com)