• 主题
高级搜索  >
历史搜索 清空历史
首页> 美国政府科技报告 >Analysis of Technical Observations in Insider Theft of Intellectual Property Cases
【24h】

Analysis of Technical Observations in Insider Theft of Intellectual Property Cases

机译:知识产权案件内部人员盗窃技术观察分析

获取原文
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Since 2001, the Insider Threat team at the Software Engineering Institute's CERT(Registered Trademark) program has built an extensive library and comprehensive database containing more than 550 cases of insider crimes. More than 80 of those crimes involved the theft of an organization's intellectual property (IP) by a malicious insider. These crimes can be particularly damaging to an organization because it is often difficult or impossible to recover from a loss of confidentiality. This report provides an overview of techniques employed by malicious insiders to steal intellectual property, including the types of assets targeted and the methods used to remove the information from a victim organization's control. Specifically, this study seeks to use the new CERT Insider Threat Lab to better understand the threat of malicious insiders. Part of this ongoing effort involves detailed study of the types of crimes cataloged by CERT, as well as extending previous work in behavioral modeling efforts to better explain how insiders behave and carry out their attacks on organizations. This initial study analyzes the current trends of how insiders actually steal IP. We analyze 50 incidents involving insiders who stole IP to better understand the trends and methods insiders use to exfiltrate sensitive data from an organization. Results show that the methods used by malicious insiders to steal IP ranged widely. In the 50 cases studied, the top three methods that insiders used to steal sensitive data were email from work: 30 percent; removable media: 30 percent; and remote network access: 28 percent. Insider use of both personal and work email remains a primary method for using networked resources to quickly exfiltrate information from an organization. The report closes with a brief discussion of mitigating factors and strategic items that an organization should consider when defending against insider attacks on intellectual property.

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号