search menu icon-carat-right cmu-wordmark

Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector

Technical Report
In this 2005 report, the authors outline the ITS, a study of insider incidents identified by public reporting or in fraud cases from the Secret Service.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2004-TR-021
DOI (Digital Object Identifier)
10.1184/R1/6574517.v1

Abstract

Current and former employees, contractors, and other organizational "insiders" pose a substantial threat by virtue of their knowledge of and access to their employers' systems and/or databases and their ability to bypass existing physical and electronic security measures through legitimate means. Previous efforts to study insider incidents have focused on convenience samples and narrow areas of industry and have not examined the incidents from both behavioral and technical perspectives simultaneously. These gaps in the literature have made it difficult for organizations to develop a comprehensive understanding of the insider threat and address the issue from an approach that draws on human resources, corporate security, and information security perspectives. 

The Secret Service National Threat Assessment Center and the CERT Coordination Center of Carnegie Mellon University's Software Engineering Institute joined efforts to conduct a unique study of insider incidents, the Insider Threat Study (ITS), examining actual cases identified through public reporting or as a computer fraud case investigated by the Secret Service. Each case was analyzed from a behavioral and a technical perspective to identify behaviors and communications in which the insiders engaged-both online and offline-prior to and including the insiders' harmful activities. Section 1 of this report presents an overview of the ITS, including its background, scope, and study methods. Section 2 reports the findings and implications specific to research conducted on insider threat cases in the banking and finance sector.

Cite This Technical Report

Randazzo, M., Keeney, M., Kowalski, E., Cappelli, D., & Moore, A. (2005, June 1). Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector. (Technical Report CMU/SEI-2004-TR-021). Retrieved March 29, 2024, from https://doi.org/10.1184/R1/6574517.v1.

@techreport{randazzo_2005,
author={Randazzo, Marissa and Keeney, Michelle and Kowalski, Eileen and Cappelli, Dawn and Moore, Andrew},
title={Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector},
month={Jun},
year={2005},
number={CMU/SEI-2004-TR-021},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6574517.v1},
note={Accessed: 2024-Mar-29}
}

Randazzo, Marissa, Michelle Keeney, Eileen Kowalski, Dawn Cappelli, and Andrew Moore. "Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector." (CMU/SEI-2004-TR-021). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, June 1, 2005. https://doi.org/10.1184/R1/6574517.v1.

M. Randazzo, M. Keeney, E. Kowalski, D. Cappelli, and A. Moore, "Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2004-TR-021, 1-Jun-2005 [Online]. Available: https://doi.org/10.1184/R1/6574517.v1. [Accessed: 29-Mar-2024].

Randazzo, Marissa, Michelle Keeney, Eileen Kowalski, Dawn Cappelli, and Andrew Moore. "Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector." (Technical Report CMU/SEI-2004-TR-021). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Jun. 2005. https://doi.org/10.1184/R1/6574517.v1. Accessed 29 Mar. 2024.

Randazzo, Marissa; Keeney, Michelle; Kowalski, Eileen; Cappelli, Dawn; & Moore, Andrew. Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector. CMU/SEI-2004-TR-021. Software Engineering Institute. 2005. https://doi.org/10.1184/R1/6574517.v1