
Insider Threat: Contractor Sabotages Space Shuttle Endeavour

It feels like I've been writing a lot about the insider threat lately, but then again, it seems I read about a new incident caused by insiders almost daily. So much time, effort and money is spent on keeping outsiders from getting to systems and data, but comparatively little is spent on addressing, and trying to prevent, the bad things insiders can do. Folks who are trusted and have authorized access can do so much harm. The technologies focusing on the outsiders are not going to do much to protect your information from insiders.

Another recent example of an insider doing bad things was the subcontractor who physically damaged a computer aboard the space shuttle Endeavour.

The unnamed subcontractor cut computer wires in the shuttle, and also cut wire in a computer on the ground at the NASA facilities. While NASA indicated the damage would not have put the shuttle or astronauts in danger, it is still troubling. What is even more puzzling is that the subcontractor notified NASA about the damage he or she did. What psychological motive was there in doing this damage? Perhaps vengeance followed by guilt? Probably something completely off the radar.

That is the great challenge of addressing the insider threat. The psychological motive is so hard to know; a completely unforeseen event can trigger an insider to do something bad.

This makes training and awareness that much more important. Technology alone cannot detect and prevent the bad things that trusted insiders can do. You need to enlist the eyes and ears of all your personnel so everyone will know the signs and red flags that could indicate someone is doing, or is planning to do, something bad. You also need to instill into trusted personnel the reasons why they must follow policies, and what the consequences will be for noncompliance. Just knowing that someone is watching will deter some of those prone to doing bad things from following through with those actions.

Rebecca Herold's Bio:

Rebecca Herold, CISSP, CIPP, CISM, CISA, FLMI, has been providing information security, privacy and regulatory assistance and services to organizations from a wide range of industries for the past two decades. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the CSI Information Security Program of the Year Award in 1998. IT Security ranked Rebecca as one of the top 59 IT security influencers, and Computerworld put Rebecca on their list of the world's best privacy experts and on their list of the best privacy consulting firms in both 2007 and 2008. Rebecca has been CPO for two consulting organizations, and has had her own information privacy, security and compliance business since 2004. Rebecca has written chapters for several books and dozens of articles, has been writing a monthly privacy column for the CSI Alert newsletter since the beginning of 2001, and is working on her 13th book. Some of her other books include The Privacy Papers, Managing an Information Security and Privacy Awareness and Training Program, The Definitive Guide to Security Inside the Perimeter (Realtime Publishers), The Shortcut Guide to Improving IT Service Support through ITIL (Realtime Publishers), and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, Rebecca is the leader of The Realtime IT Compliance Community where she posts to her IT Compliance weblog. You can contact Rebecca at: rebecca_herold@realtimepublishers.net.