TechWeb

Study Highlights Insider Threats

Aug 25, 2006 (01:08 PM EDT)

Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=192300421


A study by the Secret Service shows that insider attacks on computers and networks aren't just a spur-of-the-moment phenomenon. Most attacks are planned in advance, and alert managers can often spot an attacker in the making.

Among the more interesting statistics from the Secret Service study:

-- 80% of insiders who launched attacks on their companies had exhibited negative behaviors before the incident

-- 92% had experienced a negative work-related event, such as a demotion, transfer, warning or termination

-- At the time of the incident, 59% were former employees or contractors, while 41% were still on the company clock

-- Of the former employees, 48% had been fired, 38% had resigned and 7% had been laid off

-- 86% were employed in a technical position. Of them, 38% were system administrators

-- 21% were programmers, 14% were engineers and 14% were IT specialists

-- 96% of the inside attackers were male

-- Just under one-third of the insiders had an arrest history

-- 57% of insiders were perceived by others to be disgruntled

-- The majority of insiders compromised computer accounts, created unauthorized backdoor accounts or used shared accounts in their attacks

-- Remote access was used to carry out the majority of the attacks

-- The most frequent reported motive was revenge