Insider Threat

Insider threat refers to individuals with privileged access to sensitive areas and/or information who intentionally or unwittingly misuse or allow others to misuse this access to exploit vulnerabilities in an effort to compromise security or facilitate criminal activity, terrorism, or other illicit actions that inflict harm to people, an organization, the air transportation system or national security.


Madrid Airport Workers Busted for Stealing Jewelry, Bags, Phones, Cameras, and Even a Violin From Passenger Suitcases in Spain

Published by The Olive Press 7 March 2024

"THE Guardia Civil has busted a group of Madrid airport employees for stealing valuables from luggage with a value of over €120,000.

"16 employees of two companies operating at the airport have been arrested for pilfering bags, jewellery, clothing and electronic devices.

"Another 22 workers are being investigated."

To read this article, click here.



Tech, Training and Culture: Rising to the Challenge of Insider Threats

Published by Innovation News Network 8 February 2024

"According to a Cybersecurity Insiders report, the average cost of an insider threat incident in 2023 is $15.38m. However, there are tell-tale indicators that your firm could be at risk from an insider threat, argues Chris Denbigh-White, CSO at Next DLP.

"For a company to be able to handle risk effectively, complete visibility of its entire security environment is essential. That means not only protecting data and networks against external threats but also assessing risks that come from within the business: a primary vulnerability which brings its own specific challenges."

To read this article, click here



Former CIA Officer Joshua Adam Schulte Sentenced To 40 Years In Prison For Espionage And Child Pornography Crimes

Published by United States District Attorney's Office for the Southern District of New York 1 February 2024

"Damian Williams, the United States Attorney for the Southern District of New York; Matthew G. Olsen, the Assistant Attorney General for National Security; and James Smith, the Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced today that JOSHUA ADAM SCHULTE was sentenced to 40 years in prison by U.S. District Judge Jesse M. Furman for crimes of espionage, computer hacking, contempt of Court, making false statements to the FBI, and child pornography.  SCHULTE’s theft is the largest data breach in the history of the CIA, and his transmission of that stolen information to WikiLeaks is one of the largest unauthorized disclosures of classified information in the history of the U.S.  Today’s sentencing followed SCHULTE’s convictions at trials that concluded on March 9, 2020, July 13, 2022, and September 13, 2023."

To read this press release, click here



Airport Official Arrested Over Attempt To Smuggle Drug Onboard Flight

Published by Leadership 17 January 2024

"An official of Partfinder International Limited, an aviation security company, has been arrested at the Murtala Muhammed International Airport (MMIA), Lagos, over an attempt to dispatch suspected illicit drug through a departing Ibom Air flight to Accra, Ghana.

"In a statement by the Director Public Affairs & Consumer Protection, Obiageli Orah, the employee was said to have approached a passenger to help him convey a parcel through the flight."

To read this article, click here



Insider Threats: Staff’s Malicious Actions Bring Risks to Cybersecurity in Businesses

Published by CRN India 16 January 2024

"A variety of elements can be found when examining the ‘human factor’ that can negatively affect the running of a business, ranging from ordinary employee mistakes to the misallocation of budget by decision makers. But one of the most important factors that is often overlooked is malicious actions by staff. This crucial finding was revealed in a recent Kaspersky study showing that, in the last two years, 37% of companies in India suffered cyber incidents due to malicious behavior for personal gain exhibited by employees."

To read this article, click here



14 Spanish Airport Workers Arrested on Suspicion of Stealing from Checked Luggage

Published by NBC News 15 December 2023

"MADRID (AP) — Fourteen workers at one of Spain’s main airports for tourists were arrested on suspicion of stealing items from checked-in luggage, police said Friday.

"Police seized allegedly stolen items worth almost 2 million euros ($2.2 million), including around 13,000 euros ($14,000) in cash, from the group of employees at the largest airport in Tenerife, in Spain’s Canary Islands, a statement said. Another 20 airport employees are under investigation in the same case."

To read this article, click here



Over 50% Of The Insider Attacks Uses Privilege Escalation Vulnerability

Published by GB Hackers on Security 11 December 2023

"In the labyrinth of cybersecurity, the specter of insider threats emerges as a formidable adversary, wielding both malicious intent and unintentional foibles. 

"This expose delves into the intricacies of how insiders exploit vulnerabilities, introducing an air of risk through actions both deliberate and unwitting. 

"Embark on a journey through the key findings from CrowdStrike’s insightful analysis and discover recommendations to fortify the bastions against this multifaceted menace."

To read this article, click here



Airport Baggage Handler in South Korea Indicted on 208 Counts of Luggage Theft

Published by The Straits Times 29 November 2023

"SEOUL - A 41-year-old man working at Incheon International Airport has been indicted on charges of stealing 366 million won (S$378,000) worth of items from passenger luggage, local prosecutors said on Nov 28.

"The man has been indicted on 208 accounts of larceny from November 2021 to Oct 6, said the Incheon District Prosecutors’ Office."

To read this article, click here



The Evolving Challenge of Insider Threats

Published by betanews 10 November 2023

"Modern security teams need a 360-degree perspective if they are to successfully deal with all the risks they face. As well as protecting networks and data from external threat actors, organizations must also look at the risks posed by insiders -- a major security problem that brings a unique set of challenges.

"Indeed, the issues associated with insider threats are growing to near ubiquitous levels. According to recent industry research, three-quarters of organizations say insider attacks have become more frequent, with more than half experiencing an insider threat in the last year. A major part of the challenge is identifying where the threats are coming from, given that employees and contractors already have varying levels of permitted access to systems. While the motivation for insiders can be malicious, employee errors can also result in hugely damaging security breaches."

To read this article, click here.



Student Pilot Vandalized 10 Aircraft after Being Denied Solo Flight, Charged with Felony

Published by 25 October 2023 

"A student pilot vandalized 10 aircraft at a Florida airport after being denied a solo flight. The 23-year-old student was arrested and charged with felony criminal mischief.

"Sumebh Singh, a student from India, was a student at Treasure Coast Flight School located at Witham Field Airport in Stuart, Florida. Martin County Sheriff’s Office said that Singh became angry after the school flight instructors would not allow him to take a solo flight. The school officials called the Sheriff’s Office after they saw Singh on video going from plane to plane, damaging the aircraft. In total, Singh damaged 10 aircraft at the airport, with each plane grounded while mechanics could determine the extent of the damage. Martin County Sheriff William Snyder told CBS 12 News that if his actions were not caught on camera something terrible could have happened."

To read this article, click here.



Aircraft Technician Nabbed for Helping to Smuggle Hundreds of Latest iPhones into Vietnam

Published by The Straits Times 10 October 2023

"Vietnamese police have arrested two men and a woman for smuggling hundreds of Apple iPhones into the country, with one of the suspects using his job as an aircraft technician to avoid customs inspection, local media reported on Monday.

"...The case comes less than a month after two men were arrested for smuggling Apple smartphones into Vietnamese airports."

To read this article, click here



Five Men Charged Over Plot to Import 100kg of Cocaine Sydney Airport

Published by Australian Federal Police 9 October 2023

"The AFP has dismantled a significant organised crime enterprise by charging five Sydney men for their roles in importing about 100kg of cocaine in the cargo hold of a passenger plane from South Africa.

"The five men all appeared in Parramatta Local Court on Sunday, 8 October 2023, and were remanded in custody to reappear on 30 November 2023." 

To read this article, click here.



19 Security Staff Fired at MNL Airport; Chief of Security Quits Amid Theft Cases [Philippines]

Published by AeroTime Hub 28 September 2023

"The chief of Manila International Airport’s (MNL) Office for Transportation Security (OTS) has handed in his resignation following a string of highly publicized passenger theft cases."

To read this article, click here.



TSA officers at Philadelphia International Airport Stop Flight Attendant with a Loaded Gun

Published by Transportation Security Administration 18 September 2023

"PHILADELPHIA – Transportation Security Administration (TSA) officers at Philadelphia International Airport prevented a flight attendant from boarding a plane with a loaded .380 caliber handgun on Friday, Sept. 15, two weeks after they prevented a man who worked at one of the airport retail concession shops from bringing his loaded handgun through the security checkpoint. Both individuals were arrested by police.

“We are always on the alert for any possible insider threats,” explained Gerardo Spero, TSA’s Federal Security Director for the airport. “Both of these were good catches on the part of our team. Flight attendants and workers inside the terminal have insider knowledge and access to areas of the airport and aircraft that could pose a serious security threat. These are excellent examples of why it remains important that airline employees and individuals who work in airports need to be screened before gaining access to secure areas of the airport.”

To read this press release, click here.



When Ignorance Isn't Bliss: Accidental Insider Threats

Published by betanews 15 September 2023

"Insider threats are far more commonplace than one would expect -- accounting for about 20 percent of all data breaches.

"Though the term ‘insider threat’ conjures up images of disgruntled employees with malicious intentions or moles within an organization, the reality is that the majority of vulnerabilities of this nature are attributable to accidental, negligent insiders. As Okey Obudulu, CISO at Skillsoft, explains: "More often than not, insider threats are unintentional. Innocent acts -- such as sending an email to the wrong person or accidentally clicking on a phishing link -- can have devastating security consequences." Of course, what cybercriminals love more than anything is an unsuspecting and improperly trained employee to take advantage of…"

To read this article, click here



Detecting and Identifying Insider Threats

Published by Cybersecurity & Infrastructure Security Agency

"Successful insider threat programs proactively use a mitigation approach of detect and identify, assess, and manage to protect their organization. The foundation of the program’s success is the detection and identification of observable, concerning behaviors or activities.

"Threat detection and identification is the process by which persons who might present an insider threat risk due to their observable, concerning behaviors come to the attention of an organization or insider threat team. Detecting and identifying potential insider threats requires both human and technological elements. An organization’s own personnel are an invaluable resource to observe behaviors of concern."

To learn more, click here



National Insider Threat Awareness Month Begins with a Focus on Bystander Engagement

Published by Homeland Security Today 1 September 2023

"The National Counterintelligence and Security Center (NCSC), the National Insider Threat Task Force (NITTF), the Office of the Under Secretary of Defense Intelligence and Security, the Defense Counterintelligence and Security Agency (DCSA), and the Department of Homeland Security today launched the fifth annual “National Insider Threat Awareness Month” (NITAM)."

To read this article, click here.



Human Element Remains Biggest Threat: Verizon’s 2023 Data Breach Investigations Report

Published by BQ Prime 23 August 2023

"Stolen credentials, phishing, and exploitation of vulnerabilities were found to be the three main ways cybercriminals get access to an enterprise. Human error continues to be an integral element whenever organisational security fails against data breaches. The human element features in 74% of all breaches, with people being involved either via error, privilege misuse, use of stolen credentials or
social engineering, the report showed.

"The report also found that social engineering attacks—which involve the psychological compromise of people that forces them to take an action or breach confidentiality—are frequently very successful and extremely profitable for cybercriminals."

To read this article, click here.



Insider Threats: What They are and How to Prevent Them

Published by Open Access Government 24 July 2023

"While organisations continue to invest heavily in defensive strategies to help mitigate or at least reduce the threats posed by external cyber criminals, there is often neglect for insider threats

"One that is equally as deadly and can have far-reaching adverse effects on organisations."

To read this article, click here.



Security Awareness Training Isn’t Working – How Can We Improve It?

Published by SecurityWeek 19 July 2023

"First, we should separate awareness training from its primary focus: phishing. Phishing itself is not the complete problem — the problem is the social engineering element of phishing that makes it successful. It is social engineering that is the real threat, and purely focusing on phishing means we are tackling just a subset of the problem.

"Statistics on the overall effects are difficult to find. Most published figures on phishing, for example, quantify the number of attacks and do not distinguish between phishing attempts and phishing successes. However, an idea of the full effect of social engineering can be seen in the latest IC3 report." 

To read this article, click here.



Pentagon to Strengthen Insider Threat Monitoring and Vetting Procedures Following Major Intel Leak

Published by CNN 5 July 2023

"A review undertaken by the Pentagon after a trove of classified documents were leaked online has recommended that the department establish a new office to monitor insider threats and improve access to vetting information from ongoing background checks to ensure individuals still meet security clearance requirements.

“This review found that the overwhelming majority of DoD personnel with access to [classified national security information] are trustworthy, and that all DoD Components demonstrate a broad commitment to security,” Defense Secretary Lloyd Austin said in a memo released Wednesday. “However, the review identified areas where we can and must improve accountability measures to prevent the compromise of C SI [classified national security information], to include addressing insider threats.”

To read this article, click here



FBI Analyst Gets Three Years For National Security Breach

Published by InfoSecurity Magazine 23 June 2023

"An FBI analyst has been sentenced to 46 months behind bars after illegally retaining hundreds of classified documents at her home over a 12-year period.

"Kendra Kingsbury 50, of Garden City, Kansas will also face three years of supervised release after pleading guilty last October to two counts of unlawfully retaining documents related to national defense."

To read this article, click here.



#InfosecurityEurope: Cost-of-Living Crisis Drives Insider Threat Concerns

Published by Infosecurity Magazine 15 June 2023

"Nearly half (47%) of UK business leaders believe their organization has been at a greater risk of attack since the start of the cost-of-living crisis.

"Surging inflation and interest rates, and high energy bills, are eroding household disposable income, even as wages rise for many."

To read this article, click here.



Insider Threats Surge Across US CNI as Attackers Exploit Human Factors

Published by CSO 17 May 2023

"Over three-quarters (77%) of organizations across US critical national infrastructure (CNI) have seen a rise in insider-driven cyberthreats in the last three years, according to new research from cybersecurity services firm Bridewell. The Cyber Security in CNI: 2023 report surveyed 525 cybersecurity decision makers in the US in the transport and aviation, utilities, finance, government, and communications sectors. It revealed that increased insider threat could be linked to heightened economic pressures and remote working. Threats from within range from criminal intent to individual negligence, with those surveyed stating that an act of intentional destruction by an employee was committed at an average of at least every other week within the last year.

To read this article, click here.



Companies Must Rebuild Employee-Employer Loyalty to Curb Insider Threats

Published by BetaNews, Inc. 1 May 2023

"A disconnect between employers and employees has emerged concerning work-life balance and the familiar-but-vague concept known as "organizational commitment," driven in part by social media-fueled myths such as "quiet quitting.”" A key concern for employers is that, according to workplace theory and several case studies, a lower level of "organizational commitment" among employees leads to an increase in the likelihood of insider threats. Whether they are leaving companies or staying on the job, employees who aren’t committed to their organizations are more likely to steal critical information."

To read this article, click here



The Anatomy of an Insider Threat

Published by InfoSecurity Magazine 13 April 2023

"Insider threats are on the rise. The World Economic Forum named malicious insider activity one of the top three concerns for cyber leaders. This supports what many cybersecurity and information governance experts have long expressed – that internal threats are just as critical as external ones. Unfortunately, organizations are often less prepared to mitigate insider threats than they are for the more prominent, publicized external variety."

To read this article, click here



TSA Prevents Airport Worker from Carrying Handgun Through Newark Liberty International Airport Checkpoint

Published by Transportation Security Administration 4 April 2023

"NEWARK, N.J. –  A Newark, N.J., man was arrested by police after Transportation Security Administration (TSA) officers at Newark Liberty International Airport stopped him with a 9mm handgun in his backpack on Saturday, April 1. The firearm was loaded with eight hollow-point bullets.

"The man was employed by a company at the airport and his employee badge was confiscated at the time of the incident. He is no longer employed at the airport."

To read this press release, click here



The Hidden Costs Of Insider Threats

Published by Techspective 18 March 2023

"Much of cybersecurity policy and practice is dedicated to protecting against external threats and attacks that put networks, data, and devices at risk. Malicious incidents of hacking, phishing, and the like from the outside are certainly a formidable force to be reckoned with, and detecting and preventing them should be a priority, but that doesn’t mean that they’re the only issue to be concerned about. Threats can also come from inside an organization, and the dangers of these cases are often insidious, posing risks beyond what might be immediately obvious."

To read this article, click here.



Two U.S. Citizens Arrested for Illegally Exporting Technology to Russia

Published by United States Department of Justice 2 March 2023

"Two Kansas men were arrested today on charges related to a years-long scheme to circumvent U.S. export laws that included the illegal export of aviation-related technology to Russia after Russia’s unprovoked invasion of Ukraine on Feb. 24, 2022, and the imposition of stricter restrictions on exports to Russia.

"According to the indictment, Cyril Gregory Buyanovsky, 59, of Lawrence, and Douglas Robertson, 55, of Olathe, owned and operated KanRus Trading Company, which supplied Western avionics equipment (i.e., electronics installed in aircraft) to Russian companies and provided repair services for equipment used in Russian-manufactured aircraft. Since 2020, the defendants conspired to evade U.S. export laws by concealing and misstating the true end users, value and end destinations of their exports and by transshipping items through third-party countries. For example, between November 2020 and February 2021, the defendants received avionics equipment, including a computer processor bearing a sticker identifying Russia’s Federal Security Services (FSB), from a Russian company for repair in the United States. The defendants concealed the true end user and end destination by providing a fraudulent invoice to the shipment company identifying the end destination as Germany."

To read this press release, click here.



Manila Airport to Ramp Up Security After Series of Theft Incidents by Personnel

Published by AeroTime Hub 2 March 2023

"Authorities at Manila’s Ninoy Aquino International Airport (MNL) said that it will amplify its security measures following a series of passenger theft incidents carried out by airport staff.

"The Manila International Airport Authority (MIAA) said that it denounced the “pocketing of money and the stealing of a watch” by Office for Transportation Security (OTS) Security Screening Officers in two separate incidents."

To read this article, click here.



Police: Aircraft Mechanic Trainee Threatened to 'Shoot up Graduation' and Destroy Sikorsky Airport

Published by ctpost 22 February 2023

"STRATFORD — An aircraft mechanic in training threatened to "shoot up graduation" and destroy the Sikorsky Memorial Airport if he was kicked out of the aviation school, according to the Connecticut State Police."

To read this article, click here.



3 Found Guilty in Savannah of Trading Aircraft De-Icing Designs to Competitor

Published by 21 February 2023

"A California man awaits sentencing after he was found guilty of conspiracy to steal trade secrets. There were three defendants in the conspiracy to steal proprietary information, planning to speed the process for the development and testing of an aircraft de-icing design and sell it to a competitor.

"The three had planned to use trade secrets for profit by using the stolen information to receive FAA certification quicker and then selling the designs to a competing aircraft company."

To read this article, click here.



British Guard Sentenced to 13 Years for Spying for Russia at UK Embassy in Berlin

Published by The Guardian 17 February 2023

"A British embassy security guard has been jailed for more than 13 years after a judge told him his “treachery” spying for Russia had put his former colleagues at “maximum risk”.

"David Ballantyne Smith, 58, originally from Paisley, Scotland, copied secret documents he found in unlocked filing cabinets and on desks at the embassy, including a letter to the then prime minister, Boris Johnson."

To read this article, click here.



8 Loaders at Delhi Airport Arrested for Stealing From Passengers’ Bags; Articles Worth Lakhs Recovered

Published by The Tribune 14 January 2023

"Delhi Police busted a suspected theft racket operating at the international airport here and arrested eight loaders working with ground handling agencies, officials said on Saturday.

"Gold and silver jewellery worth close to Rs 10 lakh, six branded watches, an Apple iPhone and Rs 1,15,000 in cash, among other articles, were recovered from the accused, the police said."

To read this article, click here.



Athens Airport Employee Stealing Passenger Luggage Since 2016

Published by Greek Reporter 13 January 2023

"A ground crew employee at Athens International Airport has admitted to stealing valuables from the luggage, as well as entire pieces of luggage of passengers at least seventy times. Since 2016, he has been a continuous luggage thief.

"Nobody was able to trace the stolen goods until a passenger who had her bag stolen and reported it missing tipped the authorities with a GPS signal from her set of wireless headphones. This tip led the police directly to the location of the 41-year-old suspect, who had stolen the luggage from the tourist."

To read this article, click here.



CISA Expanding Insider Threat Toolbox

Published by AFCEA 30 December 2022

"Officials with the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security expect in the coming days or weeks to provide multiple new resources to help organizations prepare for, mitigate and respond to insider threats against critical infrastructure.

"The new tools include a guide for establishing an insider threat management team, guidance on the progressive stages an insider might follow, a standard template for reporting insider threat incidents within an organization and a train-the-trainer program for workshops related to critical infrastructure protection. The resources are being developed under CISA’s Insider Threat Mitigation program, which provides an array of support tools for organizations considered a part of the nation’s critical infrastructure."

To read this article, click here.



Chinese Government Intelligence Officer Sentenced to 20 Years in Prison for Espionage Crimes, Attempting to Steal Trade Secrets From Cincinnati Company

Published by United States Department of Justice 16 November 2022

"The first Chinese government intelligence officer ever to be extradited to the United States to stand trial was sentenced today in federal court in Cincinnati.

"Yanjun Xu, 42, was sentenced to 20 years in prison. According to court documents, Xu targeted American aviation companies, recruited employees to travel to China, and solicited their proprietary information, all on behalf of the government of the People’s Republic of China (PRC)."

To read this news release, click here.



Former U.S. Military Pilot Sentenced for Acting as Paid Agent of the Government of the People’s Republic of China and Lying on National Security Background Forms

Published by United States Department of Justice 7 November 2022

"Former U.S. Army helicopter pilot-turned-civilian-contractor Shapour Moinian, 67, of San Diego, was sentenced in federal court today to 20 months in prison for acting as an agent of the government of the People’s Republic of China (PRC) and accepting thousands of dollars from representatives of the Chinese government to provide aviation-related information from his defense-contractor employers."

To read this news release, click here.



Engineer Sentenced to Federal Prison After Admitting Conspiracy to Steal Aircraft Design Secrets

Published by The United States Attorney's Office for the Southern District of Georgia 20 October 2022

"SAVANNAH, GA:  A South Carolina man who led a conspiracy to steal trade secrets from aircraft companies has been sentenced to nearly seven years in prison."

To read this article, click here.



This Sneaky Fraud Attack Looks Like an Email Forwarded by Your Boss

Published by ZDNet 4 October 2022

"A business email compromise (BEC) campaign is using an email thread that pretends to have been forwarded by the boss in a bid to trick targets into handing over big sums of money.

"Not only are BEC attacks one of the most lucrative forms of cybercrime – the FBI says they've cost victims a combined total of more than $43 billion in recent years – but they're also one of the simplest to carry out because all attackers really need is an internet connection, an email account and perhaps some background research into their targets."

To read this article, click here.



AAAE and TSA Offer Airports Virtual Training to Mitigate the Insider Threat

Published by Homeland Security Today 20 September 2022

"For National Insider Threat Awareness Month, the Transportation Security Administration (TSA) and the American Association of Airport Executives (AAAE) are encouraging the use of a recently developed virtual insider threat training course. 

"The two organizations jointly developed the virtual training to help badged employees at airports recognize and report behaviors and activities that could indicate a threat to airport safety and security. The association is making the course available to aviation workers through its various training services that are used by hundreds of airports across the country."

To read this article, click here.



Tupelo Regional Airport Officials To Review Security After Stolen Plane Incident

Published by AviationPros 7 September 2022

"Sep. 6—TUPELO — Officials with the Tupelo Regional Airport say they will review security procedures after Saturday's incident in which a plane was stolen by a Flight-Based Operator (FBO) employee.

"We're doing a review to see if there's anything we could have done," said airport director Joe Wheeler. "We'll be meeting with the TSA (on Sept. 7) for a debriefing, and we'll go from there."

To read this article, click here.



Crash Threat Over Mississippi Skies Ends with Pilot’s Arrest

Published by AP News 3 September 2022

"RIPLEY, Miss. (AP) — An airport worker who knew how to take off but not land stole a small airplane Saturday and threatened to crash it into a Walmart, circling for five hours over unnerved Mississippians before ending the flight safely in a soybean field where police arrested him."

To read this article, click here.



September is National Insider Threat Awareness Month

The National Insider Threat Awareness Month (NITAM) website states: "an insider threat will use her/his authorized access, wittingly or unwittingly, to do harm to the security of the United States. This threat can include damage to the United States through espionage, terrorism, unauthorized disclosure of national security information, or through the loss or degradation of departmental resources or capabilities. Use these tips to counter insider threats in your organization."

Visit the NITAM website here.



What is a Social Engineering Attack?

Published by Small Business Trends 11 August 2022

"Social engineering attacks refer to a wide range of tactics that rely on human error rather than vulnerabilities in systems. Hackers employ social engineering to trick users into getting money, collecting sensitive information, or installing malware on their computer systems.

"In this article, we will explore critical types of social engineering attacks and how you can prevent them. Let’s dive in:"

To read this article, click here.



Spanish Police Arrest 2 Nuclear Power Workers for Cyberattacking the Radiation Alert System

Published by The Hacker News 29 July 2022

Insider threat is a risk that impacts every industry. Whenever a company grants access to sensitive systems or data, it becomes vulnerable. Here is an example of a recent insider threat that could have led to a catastrophic event. 

To read this story, click here.



Ex-CIA Engineer Convicted in Massive Theft of Secret Info

Published by Associated Press 13 July 2022

"NEW YORK (AP) — A former CIA software engineer was convicted Wednesday of federal charges accusing him of the biggest theft of classified information in CIA history..."

"Prosecutors alleged the 33-year-old Schulte was motivated to orchestrate the leak because he believed the CIA had disrespected him by ignoring his complaints about the work environment. So he tried “to burn to the ground” the very work he had helped the agency to create, they said."

To read this article, click here.



Former Cargo Handler at LAX Sentenced to One Year in Prison for Stealing Four Gold Bars Headed from Australia to New York

Published by United States Department of Justice 27 June 2022

"LOS ANGELES – A former cargo handling company employee at Los Angeles International Airport was sentenced today to 12 months in federal prison for stealing four gold bars that were part of a larger shipment headed from Australia to New York."

To read this press release, click here.



Jury Convicts Former CIA Officer of Espionage

Published by United States Department of Justice 8 June 2022

"ALEXANDRIA, Va. – A federal jury convicted a former Central Intelligence Agency case officer today on espionage charges related to his transmission of classified documents to an agent of the People’s Republic of China.

"According to court records and evidence presented at trial, in March and April 2017, Kevin Patrick Mallory, 61, of Leesburg, travelled to Shanghai and met with an individual, Michael Yang, whom he quickly concluded was working for the People’s Republic of China Intelligence Service (PRCIS). During a voluntary interview with FBI agents on May 24, 2007, Mallory stated that Yang represented himself as working for a People’s Republic of China think tank, however Mallory stated that he assessed Yang to be a Chinese Intelligence Officer."

To read this press release, click here.



Combatting the Malicious and Unwitting Insider Threat

Published by techradar 3 June 2022

"Adage tells us that a chain is only as strong as its weakest link. This maxim can be applied to many walks of life, but it feels particularly pertinent in the cybersecurity space as an organization's cyber posture is only as secure as its own employees. This is not to say that employees are always at fault for security lapses – staff can be a huge asset to their firm’s security posture when properly educated on best practice – but they can certainly be a vulnerability and are often seen by hackers as a potential chink in the armor of cyber defenses."

To read this article, click here.



Chemist Sentenced for Stealing Trade Secrets, Economic Espionage and Wire Fraud

Published by The United States Department of Justice 9 May 2022

"A federal judge in Greeneville, Tennessee, sentenced a Michigan woman today to 168 months, the equivalent of 14 years, in prison for a scheme to steal trade secrets, engage in economic espionage and commit fraud. The defendant was also ordered to serve three years of supervised release and pay a $200,000 fine."

To read this press release, click here.



Jack Dorsey's Block Confirms Data Breach After Former Employee Accessed Consumer Info of Cash App

Published by Tech Times 5 April 2022

To prevent a data breach when an employee leaves, organizations should have policies in place that immediately removes that person's access to sensitive data. A recent breach shows what can happen when this does not occur. 

To read this article, click here.



Insider Threats and How to Beat Them!

Published by IOT-NOW.COM 25 March 2022

"If you want advice on how to protect your organisation from Insider Threats go to the top as we did. In the latest Trending Tech Podcast, Eric Chilton, retired Special Agent in Charge of the USA’s Defense Counterintelligence & Security Agency outlines the key threatsAnd Ed Finegold, Chicago-based Tech Author & Analyst, discusses new research showing the scale of the cyber security problem facing every business today."

To listen to this podcast, click here.



The Enemy Within: Are Insider Threats Damaging Our Trust With Employees?

Published by Forbes 24 March 2022

"Trust: It's an essential component of organizational effectiveness. Companies that build a culture of accountability are acknowledged to operate more effectively than companies that don't. Employers need to trust their workforce to become successful—that's a fact.

"So, with this in mind, will it ever be possible to stop an attack from within?"

To read this article, click here.



FBI Director Wray Says Scale of Chinese Spying In The U.S. 'Blew Me Away'

Published by NBC News 1 February 2022

"Chinese spying in the U.S. has become so widespread that the FBI is launching an average of two counterintelligence investigations a day to counter the onslaught, FBI Director Christopher Wray said in an interview."

To watch the interview, click here.



Home Working Drives 44% Surge in Insider Threats

Published by Infosecurity Magazine 26 January 2022

"Insider threats cost organizations an average of over $15m annually to remediate last year, with stolen credentials a growing risk, according to Proofpoint.

"The security vendor’s 2022 Cost of Insider Threats Global Report was compiled from interviews with over 1000 IT professionals and analysis of more than 6800 incidents across the globe."

To read this article, click here.



Careless Employees Behind The Majority Of Insider Threat Incidents: Report

Published by Cybersecurity Dive 25 January 2022

"Over the last 12 months, more than half of insider threat security incidents, 56%, were caused by negligent or careless employees, according to research from Ponemon Institute and sponsored by Proofpoint. The report, released Tuesday, surveyed more than 1,000 IT and IT security professionals globally in organizations that experienced at least one material event from an insider."

To read this article, click here.



Insider Threat Mitigation

Published by Cybersecurity & Infrastructure Security Agency

"Insider threat incidents are possible in any sector or organization. An insider threat is typically a current or former employee, third-party contractor, or business partner. In their present or former role, the person has or had access to an organization's network systems, data, or premises, and uses their access (sometimes unwittingly). To combat the insider threat, organizations can implement a proactive, prevention-focused mitigation program to detect and identify threats, assess risk, and manage that risk - before an incident occurs."

To read this article, click here.



Insider Threats: An Age-Old Problem

Published by Forbes 2 November 2021

"Most people agree that insiders pose a significant risk to business. This isn’t breaking news.

"Chris Krebs, previous CISA Director, recently spoke about this issue and called for legislation to crack down on insider threats, stating, “When you’re talking about companies that are providing a service to the federal government — not just the Department of Defense but the civilian agencies as well — I would expect to see enhanced requirements not just on the external threat management, but also insider threat management.

"Insider threats are indeed an issue — not just for defense contractors, but arguably for any organization with sensitive information."

To read this article, click here.



Four Insider Threats Putting Every Company At Risk

Published by Forbes 6 October 2021

"Few concerns keep business leaders up at night like the threat of a cybersecurity incident. With the average cost of a data breach exceeding $4 million for the first time and public sentiment, regulatory requirements and practical functionality firmly against companies that can’t protect their digital landscape, many leaders are reprioritizing cybersecurity in response to this increasingly urgent reality. 

"According to Gartner’s 2021 CIO Agenda Survey, cybersecurity is the top spending priority for 61% of leaders as they work to address rapidly shifting risks and responsibilities."

To read this article, click here.



Cyber Improvements Could Lead To More Insider Targeting, Intel Official Says

Published by Federal News Network 5 October 2021

"As federal agencies and U.S. industry bolster their cybersecurity defenses, foreign intelligence agencies are likely to ramp up their targeting of trusted insiders, according to the director of the National Insider Threat Task Force.

"Bob Rohrer, who has led the task force since January, said the successful implementation of zero trust architectures and other least-privilege principles could make it harder for foreign spies to pilfer U.S. secrets by exploiting gaps in network defenses. President Joe Biden has directed agencies to adopt zero trust architectures as part of his May cyber executive order."

To read this article, click here.



National Insider Threat Awareness Month Focuses on Workplace Culture

Published by Homeland Security Today 3 September 2021

"The NITAM campaign seeks to encourage employees in government and the private sector to recognize behaviors of concern and report them so early intervention can occur.

"The National Counterintelligence and Security Center (NCSC), the National Insider Threat Task Force (NITTF), the Office of the Under Secretary of Defense Intelligence and Security, the Defense Counterintelligence and Security Agency, and the Department of Homeland Security launched the third-annual “National Insider Threat Awareness Month” (NITAM)."

To read this article, click here.



25 Tips for Preventing, Detecting, and Responding to Today’s Insider Threat

Published by Loss Prevention Magazine 1 September 2021

"The insider threat has evolved beyond the reach of employee bag checks and point-of-sale cameras. For all organizations, retailers included, the threat surface that employees can attack has grown, and so have the types of assets that they can exploit, misuse, or mistakenly expose. Never has so much of value been this accessible to a company’s workforce. Never have companies been so vulnerable to their dishonesty, mistakes, or retribution."

To read this article, click here.



Navigating Old and New Threats as Employees Return to Office Post-Pandemic

Published by Homeland Security Today 6 July 2021

Company executives face several challenges in moving employees from remote work back to the office environment. Before making the shift, it is a good idea to sit down and consider the potential threats that could arise and how to mitigate the risks. 

To read this article, click here


Off-Duty Flight Attendant Identified as 'Unruly Passenger' Who Forced Delta Flight to Divert

Published by USA Today 12 June 2021

In the past year, the number of incidents involving misbehaving passengers and flight attendants has risen substantially. In a recent case, the passenger turned out to be an off-duty flight attendant for the airline.  

To read this article, click here



Airport Worker Arrested And Charged With Dug Trafficking And Money Laundering

Published by The Sydney Morning Herald 11 June 2021

Organized criminal groups are actively infiltrating its members into airports and aviation companies as employees, according to the Australian Federal Police (AFP). Hundreds of organized crime figures were recently arrested as a result of the AFP's latest operation.

To read this article, click here


Minimizing Threats From Employees As They Return To Work

Published by Intelligent CIO 25 May 2021

In the past year, many companies moved their employees to a remote working status in response to the COVID-19 pandemic. Now, as they make plans to bring these employees back into the office, compromised devices is a big concern. 

To read this article, click here


Defense Department Linguist Pleads Guilty to Transmitting Highly Sensitive Classified National Defense Information to Aid a Foreign Government

Published by United States Department of Justice 26 March 2021

There is always a level of risk involved when a person is provided access to sensitive and top secret information. If that person betrays the trust they are given, the lives of others can be put at risk. One woman is facing a prison term of up to life for her role in providing top-secret files to a terrorist organization. 

To read this press release, click here.


Insider Threat Resources

Published by Cybersecurity & Infrastructure Security Agency November 2020

Avoid falling victim to Insider Threats. Check out these multiple resources provided by the Cybersecurity & Infrastructure Security Agency (CISA):



TSA Officers Catch Contract Employee With Loaded Gun

Published by Homeland Security Today 31 October 2020

Insider threat doesn’t just involve employees, it can involve contractors as well. Recently, a loaded gun was confiscated from a contract employee. The firearm was discovered when the man was flagged for additional screening during a random inspection by TSA officers.

To read this article, click here



Data-Driven Resilience: How Agencies Can Protect Against Insider Threats

Published by Homeland Security Today 9 October 2020

During a two-year period, including 2020, there was a 47% increase in breaches caused by insider threat. In addition to this risk, agencies must also watch out for risks generated by the increasing number of employees working from home.

To learn more, click here



Is Your Agency’s Insider Threat Strategy Missing This Major Element?

Published by Homeland Security Today 29 September 2020

National Insider Threat Awareness Month (NITAM) may be coming to an end, but you can still take proactive steps in mitigating your operation’s risk. Insider threat can cause more damage than you think. Ensure your operation’s insider threat strategy isn’t lacking important factors.

To read this article, click here


Top 10 Tips to Prevent Insider Threats

Published by Security Boulevard 9 September 2020

Are you aware of the possible threats that could occur within your organization? Do you have a plan in place to prevent these threats? If not, take a moment to look over these top 10 tips to help mitigate insider threat. Just because something hasn’t happened yet, doesn’t mean it can’t happen eventually.

To read these tips, click here


Mapping the Motives of Insider Threats

Published by Help Net Security 8 September 2020

What are some of the motivators that lead insiders to commit a crime? What if there is no motive, and it was simply human error? Considering its National Insider Threat Awareness Month, it’s a great opportunity to educate yourself on this topic to help mitigate possible threats to your organization.

For more information on these motives, click here



Russian Arrested For Trying to Recruit an Insider and Hack a Nevada Company

Published by ZDNet 26 August 2020

A Nevada company’s employee, in partnership with the FBI, was able to prevent a Russian group from launching a planned ransomware attack. The FBI was brought in when the employee was approached by a member of the group in a recruiting attempt.

To read this article, click here


FBI Arrests Border Patrol Agent for Narcotics Trafficking

Published by Homeland Security Today 11 August 2020

Phoenix Sky Harbor International Airport was the scene of a recent alleged case of drug trafficking. A vehicle at the airport was found with two bags that were filled with fentanyl, cocaine and heroin. The bags were traced to a Border Patrol Agent, who is now facing up to life in prison and multiple charges.

To read this article, click here





Soft Skill Strategies for Handling Insider Threats Ethically

Published by Info Security Group 6 July 2020

Insider threat can be detrimental to your organization; that’s why it’s important to have a strategy in place. This article provides detailed information on different, proactive tactics to mitigate against possible threats. Info Security Group says, “While technical skills and knowledge are critical in the information security landscape, it is unquestionably important to remember that insider threats involve humans, hence, we cannot neglect the use of soft skills to manage incidents.”

To learn more, click here. 





Protecting From Insider Threats in The Transportation Sector

Published by Federal News Network 1 June 2020

Learn more about protecting against insider threat with Transportation Security Specialist, Dean Walter and Supervisory Air Marshal in Charge, Serge Potapov. They both join Tom Temin, via podcast, as they discuss insider threats in the transportation sector.

To listen to this podcast, click here


Insider Threat Roadmap 2020

Published by Transportation Security Administration

The Transportation Security Administration (TSA) has released a new Insider Threat Roadmap. The roadmap focuses on three overarching priorities:

   1) promoting data-driven decision making to detect threats;
   2) advancing operational capability to deter threats; and
   3) maturing capabilities to mitigate threats to the transportation sector.

To view this roadmap, click here.



Insider Threat in Civil Aviation

Published by International Air Transport Association

The International Air Transport Association (IATA) provides an in-depth look into the impact insider threat has within the aviation industry. IATA gives a detailed description of insider threat and offers guidance to help operators mitigate possible risks. IATA also outlines the importance of having security measures in place to ensure proper visibility and awareness of the issue, with the purpose of putting a stop to it as soon as possible.

To read this article, click here. 


U.S. Department of Homeland Security - Insider Threat Overview

Published by U.S. Department of Homeland Security

It's important to educate yourself on the topic 'insider threat' so you can know what signs to look for and how to prevent the threat. The Department of Homeland Security (DHS) provides detailed information on their approach to help mitigate the risks and other helpful resources. DHS states, "Increasingly, insider threat cases and high-profile data leaks illustrate the need for strong insider threat programs within organizations. The number of infamous and damaging attacks against the government illustrates that the threat posed by trusted insiders is significant."

To read this overview, click here.


Flight Risk' Employees Involved in 60% of Insider Cybersecurity Incidents

Published by ZDNet 20 May 2020

ZDNet states, “Employees planning to leave their jobs are involved in 60% of insider cybersecurity incidents and data leaks, new research suggests.” Many aspects of the aviation industry are sensitive and require protection. Take a moment and think... what if one of your employees resigned and took with them critical security information regarding your operation? Do you have a plan in place to mitigate insider threat? If you don’t, you may want to look into it.

To read this article, click here.



Innocent Insider Threats: Defending Against Human Error

Published by Intelligent CIO 21 April 2020

The topic of insider threat involves entities or individuals that have access to and/or knowledge of an organization that is not intended for the public eye. The most common type of insider threat stems from employee’s lack of knowledge, which would be detrimental to an organization. It could be as simple as human error or employee's not following company guidelines. It’s important your organization have programs in place to avoid falling victim to these threats.

To read this article, click here.



Protecting Against Cybersecurity Threats When Working From Home

Published by The National Law Review 11 March 2020

How can we stop the spread of coronavirus? The answer - isolation. While the answer seems simple, it's not that easy to isolate yourself when you have to get up every morning and go to work. 

Organizations are taking extreme efforts to help stop the spread of COVID-19; some entities are advising staff to start working from home. Even though that helps mitigate exposure, there are concerns about how to keep sensitive information and data secured. The National Law Review provides some great tips on how to remain secure with remote employees.

To read this article, click here.



3 Tips to Stay Secure When You Lose an Employee

Published by Dark Reading 10 March 2020

Dorothy in ‘The Wizard of Oz,’ says it perfectly, “People come and go so quickly…” This still rings true today with regards to company turnover rates. Some employees stay with a company for years, some only a few weeks. Whatever the case - when a company and employee go their separate ways, it is important to have proper precautions in place to mitigate possible threats. This article spotlights three tips on how to remain secure when ending a business relationship.

To learn how to protect your operation, click here.


A Study of Insider Threat; What Can We Do to Alter User Behaviour and 
Mitigate the Risk of Insider Threats

Published by IS Decisions

The topic of ‘Insider Threat’ is something all business entities should be aware of. A recent study gives an in-depth look into this important subject and different ways to help reduce exposure. The study focuses on four critical areas of insider threat:

1. Six common insider threat personas
2. Password sharing
3. User awareness
4. How to mitigate risk

To read this study, click here.




Indictment: Ex-Raytheon Engineer in Tucson Traveled to China With Missile Data on Laptop

Published by Tuscon Daily Star 5 February 2020

After he was specifically instructed not to take his employer-owned laptop with him to Asia, an ex-Raytheon engineer did just that. The laptop, which held sensitive data on the company’s missile systems, was used in Hong Kong, Cambodia and China. Now, he faces an indictment for violating the International Traffic in Arms Regulation (ITAR).

To read this article, click here.



Containing the Threat From Within: The Growing Risk of Insider Attacks

Published by Forbes 31 January 2020

Large companies like Capital One and Tesla have recently become victims of insider attacks, highlighting the need for companies to take notice of models like zero trust.

To read this article, click here.



Fake Exec Tricks New York City Medical Center into Sharing Patient Info

Published by infosececurity magazine 30 January 2020

A medical center in New York City is re-examining its cybersecurity defenses after it fell victim to a phishing scam. After claiming to be an executive of the facility, an unauthorized actor received personal information on 674 patients.

To read this article, click here.



Is Your Company Safe From Insider Threat?

Posted by Claudia Culmone on 28 January 2019

First, what is an insider threat? According to the Transportation Security Administration’s (TSA) 2018 Report of the Aviation Security Advisory Committee on Insider Threats at Airports, “The term insider threat refers to individuals with privileged access to sensitive areas and/or information, who intentionally or unwittingly misuse or allow others to misuse this access to exploit vulnerabilities in an effort to compromise security, facilitate criminal activity, terrorism, or other illicit actions which inflict harm to people, an organization, the air transportation system or national security.”

With that definition in mind, let’s examine the components of insider threat and how you can protect your operation from them.

To read this article, click here.