Enemy at The Water Cooler
Thursday, June 17, 2010
Even Google has it!!!
Monday, June 14, 2010
DuPont Case
Thursday, June 10, 2010
Hey guys, I searched for insider threat cases in the web for you and you will be surprised to find out how many cases I found, I mean a lot!!!!
Min, 43, was accused of stealing approximately $400 million worth of information from DuPont and attempting to leak it to a third party. He is scheduled to be sentenced March 29.
According to local news reports, a naturalized U.S. citizen from China surrendered his passport and is cooperating with federal authorities. Min's attorney, Michael Mustokoff, said his client accepts responsibility for what he did.
Investigators say Min joined DuPont in 1995 but began exploring a new job opportunity in Asia in 2005 with Victrex PLC, a DuPont competitor. Shortly after opening the dialog with Victrex, Min reportedly proceeded to download approximately 22,000 abstracts from DuPont's data library and accessed about 16,700 documents. After Min gave his notice, DuPont discovered what he was up to and brought in the FBI.
In the DuPont case, Ben-Natan noted how Min downloaded tens of thousands of documents. "A normal employee wouldn't need to review 16,000 documents. Why would you? In hindsight, they would find that a normal employee wouldn't download more than a couple hundred documents a day," Ben-Natan said. "The key is to know what is normal activity so you can spot the abnormal."
you can also find more information about DuPont case in following websites:
http://www.informationweek.com/news/security/showArticle.jhtml?articleID=197006474
http://www.computerworld.com/s/article/283564/DuPont_Data_Theft_Shows_Insider_Risks
these so many cases confirm this fact that insider threat is very important issue and ignoring it can create huge losses for the companies.
thanks to these cases we can get better understanding of the ways that employees position themselves as insider threat.
these experiences created so much losses for its company but its free for you!!! so don't hesitate of reading the cases.
Inside Security Tactics
Saturday, June 5, 2010
Statistics
Thursday, June 3, 2010
Survey participants in London and New York: 600
- Departing workers who took sensitive information with them: 40%
- Portion who would provide this information if it would help to find another job: 1/3
- Percentage of employees who are aware of the illegality of stealing information: 85%
- Portion of this population who do it any way: 1/2
- Percentage who believe it will be useful it some point in the future: >50%
- Percentage who find it easier to pilfer information this year: 57%
- Percentage last year: 29%
- Percentage who claimed they would take company info if fired tomorrow: 48%
- Percentage who would download company/competitive information if their jobs are at risk: 39%
- Portion of workers who have lost loyalty to their employers because of the recession: 1/4
- Percentage of those who take information “just in case”: 64%
- Percentage who would use the information in future job negotiations: 27%
- Percentage who would use the information as tools in their new jobs: 20%
- Those who would take customer and contact details: 29%
Stuff Stolen:
- Plans and proposals: 18%
- Passwords and access codes: 13%
- Product information: 11%
Those would go out of their way:
- Percentage of workers who would strive to find the redundancy list: 32%
- Percentage of those who would bribe a co-worker in the human resources department: 43%
- Who would use their own IT-granted access rights: 37%
- Who would use personal contacts of those in the IT dep
- One in five workers (21%) let family and friends use company laptops and PCs to access the Internet.
- More than half (51%) connect their own devices or gadgets to their work PC.
- A quarter of these do so every day.
- Around 60% admit to storing personal content on their work PC.
- One in ten confessed to downloading content at work they shouldn't.
- Two thirds (62%) admitted they have a very limited knowledge of IT Security.
- More than half (51%) had no idea how to update the anti-virus protection on their company PC.
- Five percent say they have accessed areas of their IT system they shouldn't have.