WASHINGTON, D.C. - While the U.S. military is building up defenses to fend off network-based attacks from enemy states and terrorists, some say the more-insidious security problem is the threat of an insider bent on sabotage or stealing data.
At last week's Forum on Information Warfare, researchers from the FBI and George Washington University emphasized the insider threat during presentations that drew military personnel and academics from around the world. In particular, IT systems administrators increasingly are seen as the most potentially dangerous insider threat - and military concern - because of their power over networks.
In his keynote speech, Lt. Gen. Kenneth Minihan, former head of the National Security Agency (NSA), compared today's systems administrators to the encryption-code clerks of past wars who broke enemy secrets. He said systems administrators deserve greater attention from the military and should be better paid. Some researchers say they have seen the systems administrator go bad and see it as the Achilles' heel of national defense.
FBI and George Washington researchers have studied the case histories of criminal computers use, including interviews with prisoners.
"The systems administrator responsible for designing computer systems has the extraordinary ability to do damage," said Jerrold Post, professor of psychiatry, political psychology and international affairs at George Washington. He cited cases that occurred at Fort Bragg in North Carolina, and in banking and other industries, to underscore the danger posed by IT insiders who exploit power over networks.
Post noted that insiders who commit computer-based crimes, such as fraud, extortion, sabotage and espionage, have a variety of motivations, including revenge and financial gain. He said it is critical to understand the psychology of IT administrators in general to recognize possible danger signs.
IT specialists are "overwhelmingly represented by introverts" who "internalize stress and express themselves only online," he said. A study of IT specialists caught for computer-based crimes reveals them typically to share some character traits.
Post said close analysis of work histories of IT administrators who sabotaged their employers' networks or did other damage reveals that they often first commit less-serious infractions, such as refusing to train their backup. Intervention by management early on could help prevent problems from escalating, because introverted people usually don't seek help.
The FBI has started its own study of those who commit computer crimes - not necessarily focusing on IT administrators - by interviewing those now in jail, said John Jarvis, an FBI behavioral research scientist. "Cybercrime is primarily an insider phenomenon," Jarvis said. Only a quarter can be classified as "outsider," he said.
Guarding against that minority is the job of insiders such as Timothy Vieregge, deputy of the systems and architecture branch in computer network operations at Fort Belvoir's First Information Operations Command in Virginia. Vieregge helped set up a network-monitoring system for the Army before the start of the war in Iraq.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment