Insider Threats To Critical Infrastructure
Critical Infrastructure Insider Threat Overview
By virtue of their access to sensitive facilities and sensitive
information / networks, critical infrastructure employees pose a serious
threat to commit or facilitate malicious acts such as terrorism,
sabotage, criminal acts, etc.
There have been several incidents involving terrorist organizations that
have sought to recruit critical infrastructure employees to assist them
in planning or conducting terrorist attacks, or they have tried to gain
employment as critical infrastructure workers for the same purposes.
Recent and past Insider Threat incidents are bringing the awareness of
the "Insider Threat Problem" to a
HIGH LEVEL
of concern to the U.S. Government and Critical Infrastructure Providers.
The security of the U.S.
Critical
Infrastructure Sectors is vital to the safety and well being
of American citizens, and the daily operations of Critical
Infrastructure Providers.
An Insider Threat incident could be caused by just 1 employee, or an
employee(s) in collusion with a terrorist organization, or cyber
criminal / organization.
Any incident (Cyber Attack, Terrorism, Insider Threat) that could
incapacitate or destroy a critical infrastructure sector(s), would
impair and effect national security and public safety.
A 2013 report from DHS titled:
Risks To U.S. Critical Infrastructure From Insider Threat, provides
numerous
Insider Threat Scenarios that could impact critical infrastructure
sectors.
Critical Infrastructure Sectors
Critical Infrastructure Insider Threat Incidents
Ten Individuals Charged In $50 Million Russian Smuggling Scheme / Some
Current - Former Airlines Employees
(2020)ober 19, 2020
Russian
Hackers Targeting U.S. Utilities Through Critical Infrastructure
Employee (2018)
FBI Completes Investigation Into Unauthorized Flight of Aircraft By
Employee Drom Seattle-Tacoma Airport (2018)
PenAir Employee Sabotages Ticketing And Station Management Network
Database (2018)
Two Critical U.S. Dams At High Risk From Insider Cyber Threats
(2018)
Heathrow Airport British Airways Baggage Handlers Helped Smuggle 32
Million Of Cocaine & Cannabis Stuffed In Suitcases (2018)
TSA Workers Helped Puerto Rico-Based Ring Smuggle 20 Tons/ $100M Of
Cocaine For Over A Decade, Prosecutors Say (2017)
Daallo Airlines Jet Explosion Involves Airport Employees (2016)
Pilots Arrested For Being Drunk (2016)
Airport Security Seizes 70 Pounds Of Cocaine From Airline Employee
(2016)
Former Citibank Employee Sentenced For Shutting Down 90% Of Firm's
Network (2016)
DC Metro Transit Cop Appears in Court for Allegedly Trying to Assist
ISIS (2016)
Fatal Descent Of Germanwings Plane Was ‘Deliberate,’ French Authorities
Say (2015)
6 Other Times Commercial Pilots Were Suspected Of Crashing Planes On
Purpose
The Insider Threat Is Real: Gaps In Airport Security Highlighted In NBC
News Video (2015)
The
Inside Story Of The Biggest Hack In History To Oil Company
(Caused By Insider) (2015)
Chicago Airport Fire Started By Employee (2014)
Chicago Airport Fire Report By Dept. Of Transportation Office Of The
Inspector General (2015)
Six People / 4 Airport Baggage Handlers Accused Of Drug Smuggling At San
Diego International Airport (2014)
Drug Smuggling Plot Involving Aviation Employee / TSA Airport Screeners
/ Security Officials At LAX (2012)
20 Airport Workers Held In Smuggling Of Drugs For Decade (2003)
Drug Smuggling Sting Nabs 55 Airline Employee And Contractor (1999)
Other Insider Threats Incidents To Critical Infrastructure
Insider Threat Mitigation Guidance
NCSC Insider Threat Mitigation For U.S. Critical Infrastructure
(2021)
CISA 2020 Insider Threat Mitigation Guide
CISA 2019 Insider Threats Programs For The Critical Manufacturing Sector
Implementation Guide
DCSA Insider Risk Programs For Healthcare - Public Health Sector
NCSC - DCSA Insider Risk Programs For Food & Agriculture Guide
International Atomic Energy Agency - Preventive and Protective Measures
Against Insider Threats
Electric Grid Security And Resilience - Establishing A Baseline For
Adversarial Threats
Critical Infrastructure Insider Threat Reports
GAO 2020 Report
On TSA Insider Threat Program
National Strategy for Aviation Security (2018)
Increasing Concern About Insider Threats At U.S. Airports - House
Homeland Security Committee Report (2017)
Aviation Employee Screening And Security Enhancement Act Of 2017
Aviation Insider Threat Working Group - What We Know, Our Findings, And
What We Recommend (2017)
International Air Transport Association - Insider Threats In Aviation
(2015)
Aviation Security Advisory Committee: Employee Screening Working Group
Report (2015)
DHS Report - Risks To U.S. Critical Infrastructure From Insider Threat
(2013)
Insider Threat to Critical Infrastructures - Final Report And
Recommendations (2008)
Insider Threat Study: Computer System Sabotage In Critical
Infrastructure Sectors (2005)
FEMA
Protecting Critical Infrastructure Against Insider Threats
Web Based Training Course Overview
This
course provides guidance to critical infrastructure employees and
service providers on how to identify and take action against insider
threats to critical infrastructure.
