Citation[]
U.S. Secret Service & CERT/SEI, Insider Threat Study: Illicit Cyber Activity in the Information Technology and Telecommunications Sector (ITS) (Jan. 2008) (full-text).
Overview[]
Initiated in 2002, the ITS is a multi-year exploration of employees who have perpetrated acts of harm against an organization via computer system or network to include theft of intellectual property, fraud, and acts of sabotage within critical infrastructure sectors.
The ITS focuses on the people who use or exceed their authorized access to information systems to perpetrate harm to organizations. The prevention of insider activity is important to the Secret Service because it can adversely affect the investigative and protective missions of the agency. Specifically, the Secret Service investigates:
- violations of law related to financial crimes that include, but are not limited to, financial institution fraud, identity theft, access device fraud, and computer fraud.
- computer-based attacks on our nation’s financial, banking, and telecommunications infrastructure
- cyber security incidents, such as acts of sabotage, that cause the failure or compromise of information systems critical to the protective mission.
The goal of this research was to gather information to enhance threat assessment efforts — efforts to identify, assess, and manage the risk of harm an individual may pose before that individual has an opportunity to engage in violent, or disruptive, behavior.