This report is the third in the quarterly series, Spotlight On, published by the Insider Threat Center at CERT and funded by CyLab. Each report focuses on a specific area of concern and presents analysis based on hundreds of actual insider threat cases cataloged in the CERT insider threat database. For more information about CERT's insider threat work, see http://www.cert.org/insider_threat/.
In this article, we focus on current or former employees, contractors, or business partners who stole intellectual property (IP), such as source code, scientific formulas, engineering drawings, strategic plans, or proposals from their organizations to benefit a foreign entity. We drew the case material from a mixture of court documents, Department of Justice press releases, and media reports. As in the previous articles in this series, we begin by explaining the criteria used to select cases for this article. Next, we provide a snapshot that focuses on the questions of who, what, where, when, why, and how. Then, we provide a summary of the relevant details of those cases. Finally, we provide a series of recommendations that could potentially mitigate the risk of similar occurrences.