Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector

This report describes a new insider threat study funded by the U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T) in collaboration with the U.S. Secret Service (USSS) and the CERT Insider Threat Center, part of Carnegie Mellon University's Software Engineering Institute. Researchers extracted technical and behavioral patterns from 67 insider and 13 external fraud cases; all 80 cases occurred between 2005 and the present. Using this information, we developed insights and risk indicators of malicious insider activity within the banking and finance sector. This information is intended to help private industry, government, and law enforcement more effectively prevent, deter, detect, investigate, and manage insider threats in this sector.

PDF [710 KB]

Authors

Adam Cummings (CERT)

Todd Lewellen

David McIntire (CERT)

Andrew P. Moore

Randall F. Trzeciak

This report is related to the following area(s) of work:

Security and Survivability

Special Report
CMU/SEI-2012-SR-004
July 2012

Cite This Report

SEI:

Cummings, Adam; Lewellen, Todd; McIntire, David; Moore, Andrew; & Trzeciak, Randall. Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector (CMU/SEI-2012-SR-004). Software Engineering Institute, Carnegie Mellon University, 2012. http://www.sei.cmu.edu/library/abstracts/reports/12sr004.cfm

IEEE:

A. Cummings, T. Lewellen, D. McIntire, A. Moore, and R. Trzeciak, "Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Special Report CMU/SEI-2012-SR-004, 2012. http://www.sei.cmu.edu/library/abstracts/reports/12sr004.cfm

APA:

Cummings, A., Lewellen, T., McIntire, D., Moore, A., & Trzeciak, R. (2012). Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector (CMU/SEI-2012-SR-004). Retrieved May 26, 2013, from the Software Engineering Institute, Carnegie Mellon University website: http://www.sei.cmu.edu/library/abstracts/reports/12sr004.cfm

CHI:

Cummings, Adam, Todd Lewellen, David McIntire, Andrew Moore, and Randall Trzeciak. Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector (CMU/SEI-2012-SR-004). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2012. http://www.sei.cmu.edu/library/abstracts/reports/12sr004.cfm

MLA:

Cummings, A., Lewellen, T., McIntire, D., Moore, A., & Trzeciak, R. 2012. Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector (Technical Report CMU/SEI-2012-SR-004). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://www.sei.cmu.edu/library/abstracts/reports/12sr004.cfm

Find Us Here

Find us on Youtube  Find us on LinkedIn  Find us on twitter  Find us on Facebook

Share This Page

Share on Facebook  Send to your Twitter page  Save to del.ico.us  Save to LinkedIn  Digg this  Stumble this page.  Add to Technorati favorites  Save this page on your Google Home Page 

For more information

Contact Us

info@sei.cmu.edu

412-268-5800

Help us improve

Visitor feedback helps us continually improve our site.

Please tell us what you
think with this short
(< 5 minute) survey.