Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

White Paper

Spotlight On: Programming Techniques Used as an Insider Attack Tool

  • Abstract

    This report is the first in a new quarterly series, Spotlight On, published by the CERT insider threat team and funded by CyLab. Each report will focus on a specific area of concern and present analysis based on the hundreds of actual insider threat cases cataloged in the CERT insider threat database. For more information about CERT's insider threat work, see 

    In this article, we focus on persons who used programming techniques to commit malicious acts against their organizations. We begin by providing a snapshot of the cases, then detail the actions taken by the insiders in each case. A summary of issues related to the cases follows, as well as references to best practices that might have been effective in countering these incidents.

  • Download