Spotlight On: Programming Techniques Used as an Insider Attack Tool

December 1, 2008 • White Paper

By

Dawn Cappelli, Thomas C. Caron (John Heinz III College, School of Information Systems Management, Carnegie Mellon University), Randall F. Trzeciak, and Andrew P. Moore

In this report, the authors focus on persons who use programming techniques to commit malicious acts against their organizations.

Publisher

Software Engineering Institute

Subjects

Insider Threat

Abstract

This report is the first in a new quarterly series, Spotlight On, published by the CERT insider threat team and funded by CyLab. Each report will focus on a specific area of concern and present analysis based on the hundreds of actual insider threat cases cataloged in the CERT insider threat database. For more information about CERT's insider threat work, see http://www.cert.org/insider_threat/.

In this article, we focus on persons who used programming techniques to commit malicious acts against their organizations. We begin by providing a snapshot of the cases, then detail the actions taken by the insiders in each case. A summary of issues related to the cases follows, as well as references to best practices that might have been effective in countering these incidents.

Software Engineering Institute