![]() The Central Bank of Bangladesh hired Fire-Eye to investigate this breach. $81 million dollars cyber theft from Central Bank of Bangladesh (Insider Threat Defense Inc, 2017). Pani’s intention was to use this information for personal gain. Though we will never know the real reason why he was gathering Intel’s proprietary documents during his job change to AMD, we know thatthose documents were very valuable to Intel. Based on the above facts that was far from truth. Pani signed paperwork which stated that he returned all Intel Trade Secrets under his possession per employment contract with Intel (USA v. Pani had signed a Non-Disclosure Agreement upon his acceptance of job at Intel. Intel’s trade secret document management system tracks document access information. Furthermore, Intel recovered a hardcopy of trade secret documents from his residence on July 1, 2008. To view those encrypted documents, he was trying to login to the Intel network two days after his last day at Intel, but was not able to. During that last week of his employment with Intel, he downloaded $1 Billion worth of design material in an Intel-provided work laptop over VPN. Pani was taking his vacation from Intel while he started working for AMD, Intel’s competitor. A former Intel design engineer, Biswamohan Pani was charged with stealing $1 billion worth of trade secrets of a next generation microprocessor on. $1 billion worth of trade secrets stolen by a design engineer (Insider Threat Defense Inc, 2017). The Symantec (2014) data breach reports that accidentally made public accounted for 29% and theft/loss computer/drive accounted for 27% of all data breaches. The same report also mentioned that top three industries where most of the breaches took place are in healthcare (30%), public administration (23%), and financial (13%). ![]() The Verizon (2017) data breach report mentioned that the top three motives are financial gain (60%), snooping (17%), and espionage (15%). The same Verizon (2006) report mentioned that the top five threats for negligent and accidental breaches are caused by capacity shortage, misdelivery, publishing errors, misconfiguration, and disposal errors. Top two motivations for the crime are financial gain (34%) and espionage (25%). Verizon (2016) data breach investigations report shows malicious or privilege misuse actors are predominantly end users (33%), followed by leadership roles (14%) and system administrators or developers (14%). Colwill (2010) covered both negligent and accidental under accidental.Īccording to Colwill (2010), “A malicious insider has the potential to cause more damage to the organization and has many advantages over an outside attacker…”. But repeated accidental actions could be considered ‘negligent’. Examples include emailing proprietary data to the wrong person, or be a victim of a phishing attack and install malware in the company network. ‘Accidental’ action neither has a motive to harm nor does it have a conscious decision to act inappropriately. Malicious insiders exploited business processes as often as they exploited technical vulnerabilities (Insider Threat Defense Inc, 2017). Examples include copying company proprietary information in a personal thumb drive to work during the weekend to meet a project deadline or be more productive. ‘Negligent’ action is based on conscious decision to act inappropriately, but do not have harmful motives. Examples include copying proprietary information such as intellectual property for personal gain, leaking pending merger talks to competitor company. ‘Malicious’ action requires a motive to harm the company with a conscious decision to act inappropriately (Kowalski et al, 2008). What are the insider threats and motives? The primary threats posed by an insider involve loss of valuable company data by his/her actions regardless of intent. By this definition, examples of an insider include employees (i.e., CEO, janitor, etc.), former employees, contractors, business partners, or suppliers if the party in question has active access to the third-party company’s asset (Kowalski et al, 2008, & Insider Threat Defense Inc, 2017). Who is an insider? An insider is anyone who has active physical or logical access to a third-party company asset involving information systems. Finally, this paper will present a framework to protect confidentiality, integrity and/or availability of data from insider threats. Malicious attacks are intentional, whereas negligent and accidental attacks are unintentional. Additionally, it will explain security gaps that lead to the loss of valuable sensitive, protected, or confidential data, regardless of attacker intent. The goals of this paper are to review and analyze selected cybercrimes’ events, where actors of those data breaches are insiders, and recommend a common set of actions which would have prevented or reduced successful criminal exploitations.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |