DID YOU KNOW? DTIC has over 3.5 million final reports on DoD funded research, development, test, and evaluation activities available to our registered users. Click HERE
to register or log in.
Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors
NATIONAL THREAT ASSESSMENT CTR WASHINGTON DC
Pagination or Media Count:
Efforts to estimate how often companies face attacks from within are difficult to make. It has been suggested that insider attacks are under-reported to law enforcement and prosecutors. Reasons for such under-reporting include an insufficient level of damage to warrant prosecution, a lack of evidence or insufficient information to prosecute, and concerns about negative publicity. Moreover, statistics vary regarding the prevalence of cases perpetrated by insiders compared to those perpetrated by individuals external to the target organizations. The E-Crime Watch SurveyTrademark, carried out by the United States Secret Service Secret Service, the CERTCopyright R Program of Carnegie Mellon Universitys Software Engineering Institute CERT, and CSO Magazine in spring 2004, elicited responses from 500 security and law enforcement executives on issues related to electronic crimes. Among the 70 percent of respondents who were able to identify whether outsiders or insiders were responsible for an e-crime or intrusion committed in 2003, 71 reported that one or more attacks were known or suspected to have come from outsiders compared to 29 from insiders. Respondents identified current or former employees and contractors as the second greatest cyber security threat, preceded only by hackers.
APPROVED FOR PUBLIC RELEASE