Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University
Menu
Home Digital Library Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector

Digital Library

Technical Note

Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector

  • July 2014
  • By CERT Insider Threat Team
  • This report analyzes unintentional insider threat cases of phishing and other social engineering attacks involving malware.
  • Publisher: CERT
    CMU/SEI Report Number: CMU/SEI-2014-TN-007

  • Abstract

    The research documented in this report seeks to advance the understanding of the unintentional insider threat (UIT) that results from phishing and other social engineering cases, specifically those involving malicious software (malware). The research team collected and analyzed publicly reported phishing cases involving malware and performed an initial analysis of the industry sectors impacted by this type of incident. This report provides that analysis as well as case examples and potential recommendations for mitigating UITs stemming from phishing and other social engineering incidents. The report also compares security offices’ current practice of UIT monitoring to the current manufacturing and healthcare industries’ practice of tracking near misses of adverse events.

  • Download

Cite This Report

SEI

CERT Insider Threat Team, .. Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector. CMU/SEI-2014-TN-007. Software Engineering Institute, Carnegie Mellon University. 2014. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=297771

IEEE

CERT Insider Threat Team. ., "Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2014-TN-007, 2014. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=297771

APA

CERT Insider Threat Team, .. (2014). Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector (CMU/SEI-2014-TN-007). Retrieved February 21, 2019, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=297771

CHI

. CERT Insider Threat Team. Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector (CMU/SEI-2014-TN-007). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2014. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=297771

MLA

CERT Insider Threat Team, .. 2014. Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector (Technical Report CMU/SEI-2014-TN-007). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=297771

BibTex

@techreport{CERTUnintentionalInsider2014,
title={Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector},
author={. CERT Insider Threat Team},
year={2014},
number={CMU/SEI-2014-TN-007},
institution={Software Engineering Institute, Carnegie Mellon University},
address={Pittsburgh, PA},
url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=297771} }