Skip the navigation
News

Study notes link between IT sabotage, work behavior

Workers likely to sabotage corporate systems can be identified ahead of time

By Manek Dubash
February 7, 2007 12:00 PM ET

TechWorld.com - Workers who sabotage corporate systems are almost always IT workers who exhibit specific negative office behavior, according to recent research.

That is the conclusion of the U.S. military in conjunction with Carnegie Mellon University’s CERT Coordination Center, which together analyzed insider cybercrimes across a variety of critical industry sectors.

The research suggests that potential troublemakers should be easy to spot. Nearly all the cases of cybercrime investigated were carried out by people who were disgruntled and paranoid, generally showed up late, argued with colleagues and generally performed poorly.

According to the study, 86% of those who committed cybercrimes held technical positions and 90% had systems administrator or privileged system access. Almost half -- 41% -- of those who sabotaged IT systems were employed at the time they did it, but most crimes were committed by insiders following termination. Most incursions -- 64% -- involved VPNs and old passwords that had never been terminated, highlighting a lack of security controls and gaps in their organizations’ access controls.

As a result, Carnegie Mellon has developed a methodology that it said can help detect insider threats as early as possible, involving management, IT, human resources, security officers and others who "must understand the psychological, organizational and technical aspects of the problem, as well as how they coordinate their actions over time."

The university's study is titled Management and Education of Risks of Insider Threat (MERIT): System Dynamics Modeling of Computer System Sabotage.

According to security management vendor Calum Macleod of Cyber-Ark Software Ltd., most organizations are leaving themselves exposed by "not paying due care and attention to the people who are charged with looking after their systems and applications." Even outsourcing cannot fully resolve the problem, he said.

Macleod's solution is password management. This means ensuring that policies and standards are in place to control administrative access by containing the number of privileged accounts to three or fewer. This reduces the difficulty of managing those accounts. Passwords also need to be changed regularly.

Macleod concluded: "So as far as doing the right thing, I’d suggest that you start from the basis that your IT [staffers] are the biggest risk to your organization's security, and if [any] of them disputes this, remember that arguing with colleagues was one of the clear signs of an impending attack.

"And automate the whole process," Macleod said. "If privileged password management is not on your shopping list in 2007, it may already be too late."

Reprinted with permission from TechWorld.com. Copyright 2010 IDG, all rights reserved.
Additional Resources
Forrester Consulting - Optimizing Users and Applications in a Mobile World
WHITE PAPER
Solving application issues over the WAN requires careful consideration. Based on their independent research, Forrester Consulting offers recommendations on how to tackle application performance issues, insufficient bandwidth and the inability to quickly restore users in a disaster.

Read now.

Security KnowledgeVault
WHITE PAPER
Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

Cut Communications Costs Once and for All
WHITE PAPER
New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Network Security White Papers
Overcome Top 7 Admin Challenges of Active Directory
As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable,...
Insiders Can Ruin Your Company. Take Action.
Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in...
Top Solutions and Tools to Prevent Devastating Malware
Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring...
Streamline Compliance and Increase ROI
Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will...
X-Ray of the PCI Process-4 Proactive Steps
This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into...
All Network Security White Papers
Network Security Webcasts
Try the OptiView® XG on your network - FREE
The OptiView® XG is the first dedicated tablet with automated network and application analysis -- fastest way to root cause. XG raises the...
Optimizing Networks for the Cloud
Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn...
All Network Security Webcasts
Newsletter Sign-Up

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  1. View all newsletters | Privacy Policy
IT Jobs