Spy the Lie: Detecting Malicious Insiders

Abstract: Insider threat is a hard problem. There is no ground truth, there are innumerable variables, and the data is sparse. The types of crimes and abuses associated with insider threats are significant; the most serious include espionage, sabotage, terrorism, embezzlement, extortion, bribery, and corruption. Malicious activities include an even broader range of exploits, such as negligent use of classified data, fraud, cybercrime, unauthorized access to sensitive information, and illicit communications with unauthor… Show more

“…Starting from a harm-oriented perspective, the insider threat definition depends on whether or not the insider has the intention to harm the organization. Generally, a distinction is made between malicious and non-malicious insider threats (Bunn & Sagan, 2016;Noonan, 2018;Nurse et. al., 2014;Sarkar, 2010).…”

“…Here, it is imprecise whether it relates to intentional or unintentional unauthorized access, use or disclosure. Also the definitions of Padayachee (2016), Gelles (2016), and Greitzer, Kangas, Noonan, Dalton & Hohimer (2012), the latest also used by Noonan (2018), Krull (2016) and BaMaung, McIlhatton, MacDonald & Beattie (2018), refrain from explicitly mentioning the intentionality of the misuse of the privilege. Therefore, they leave too much ambiguity on whether or not insiders that unwittingly misconduct fall under the scope of the insider threat concept.…”

Redefining insider threats: a distinction between insider hazards and insider threats

“…Starting from a harm-oriented perspective, the insider threat definition depends on whether or not the insider has the intention to harm the organization. Generally, a distinction is made between malicious and non-malicious insider threats (Bunn & Sagan, 2016;Noonan, 2018;Nurse et. al., 2014;Sarkar, 2010).…”

“…Here, it is imprecise whether it relates to intentional or unintentional unauthorized access, use or disclosure. Also the definitions of Padayachee (2016), Gelles (2016), and Greitzer, Kangas, Noonan, Dalton & Hohimer (2012), the latest also used by Noonan (2018), Krull (2016) and BaMaung, McIlhatton, MacDonald & Beattie (2018), refrain from explicitly mentioning the intentionality of the misuse of the privilege. Therefore, they leave too much ambiguity on whether or not insiders that unwittingly misconduct fall under the scope of the insider threat concept.…”

Redefining insider threats: a distinction between insider hazards and insider threats

“…Unter Betrug wird vorsätzliche Täuschung verstanden, um einen rechtswidrigen oder unberechtigten Nutzen zu erwirken (Noonan 2018). Betrug nimmt viele Formen an, u. a. Identitätsdiebstahl, Wirtschaftskriminalität und Marktmanipulation.…”

“…Noch früher setzt die Maßnahme an, Mitarbeiter vor deren Einstellung, je nach Zugang zu kritischen Informationen, entsprechend zu überprüfen (Noonan 2018). Je nach Art der Organisation gibt es dafür verschiedene rechtlich zulässige Möglichkeiten, wie z.…”

“…Studien belegen, dass die meisten Saboteure gerade die Systeme sabotieren, die sie täglich nutzen -obwohl es deren Aufgabe ist, diese am Laufen zu halten. Typische Motive für Sabotage sind Frustration, Rache, mangelnde Wertschätzung und das Gefühl der Machtlosigkeit gegenüber einer vermeintlich ungerechten Behandlung (Kont et al 2018;Noonan 2018).…”

Insider Threats – Der Feind in den eigenen Reihen

Insider Threats – Der Feind in den eigenen Reihen