Note |
---|
UNDER CONSTRUCTION |
Cyber-sabotage
dictionary-term
Alternative Forms
IT Sabotage
Sabotage
Definitions
Definition 1
- Cyber-sabotage: complete version 1 and submit to community Slack thread for feedback.
Definition
Cyber-sabotage may designate two distinct classes of object:
The risk of cyber-sabotage,
An unsuccessful attempt
A cyber-sabotage incident.
A cyber-sabotage incident is a specialized form of insider threat incident (e.g.: sabotage represented 27% of insider attacks in Randazzo et al., 2005). Its distinctive characteristics are:
It is caused by an insider threat actor, called the saboteur.
The saboteur has the deliberate intention to cause harm to the organization business operations, data, or information system / network. Randazzo et al., 2005 Causing harm may not be the only motive (financial gain being a common distinct objective), but causing harm must be an important objective of the inside attacker to qualify as a sabotage, if not the primary objective. https://open-measure.atlassian.net/wiki/spaces/BIB/pages/1628996151/Moore%2Bet%2Bal.%2B2008
IT is instrumental in the incident’s sequence of events.
When successful, the incident effectively causes harm to the organization.
Underreporting and statistics
Expand | ||
---|---|---|
| ||
Cyber-sabotage incidents - as for insider threat incidents in general - tend to be underreported to authorities by organizations because organizations have strong incentives to limit reputation harm by avoiding publicity on the event and chances of obtaining reparation are low (Randazzo et al., 2005). For these reasons, statistics should be considered from a critical perspective. Statistics provided in this article are extracted from the studies referenced in the bibliographic section. These studies have several limitations (geographic location, underreporting, etc.). The statistics in this article are provided in parenthesis with the mention “e.g.” to stress these limitations. |
Personal predispositions of saboteurs
Expand | ||
---|---|---|
| ||
Most saboteurs had personal predispositions Moore et al., 2008, including:
|
Distinctive characteristics of saboteurs
Expand | ||
---|---|---|
| ||
|
Saboteurs motivations
Expand | ||
---|---|---|
| ||
|
Behavioral precursors
Expand | ||
---|---|---|
| ||
For general insider attacks, the insider’s planning behavior is noticeable in a number of cases (e.g.: 31% in Randazzo et al., 2005). More specifically for IT saboteurs, behavioral incidents seem to come to the attention of supervisors or co-workers before the sabotage takes place in a high number of cases (97% in Moore et al., 2008). Such incidents comprise:
|
Technical precursors
Expand | ||
---|---|---|
| ||
Most often, technical precursors took place before the sabotage (87% in Moore et al., 2008), such as:
|
Precipitating events and contributing factors
Expand | ||
---|---|---|
| ||
|
Vulnerabilities
Expand | ||
---|---|---|
| ||
|
Consequences
Expand | ||
---|---|---|
| ||
|
Countermeasures
Expand |
---|
Building organizational resiliency against IT sabotage requires the recognition by management of the insider threat and a multi-disciplinary approach. The following countermeasures may contribute to the mitigation of IT sabotages Moore et al., 2008:
|
Paradigmatic Examples
The Time-bomb with money motivation case Randazzo et al., 2005
Sys The sys engineer case Randazzo et al., 2005
The insider IT sabotage training (fictional) case Moore et al., 2008
Entourage and possibility of early detection:
19% were perceived as disgruntled employees before the incident. concerning behavior reported to the supervisor, incl. complaining about salary, outburst at coworkers, isolaiton from coworkers (27%) ( Randazzo et al., 2005)
Distinguished characteristics of incidents:
A minority of incidents (e.g. 26%), the perpertrator used someone else’s identity (Randazzo et al., 2005)
Sample Sentences
Eve was enraged when, following her cloud migration project’s failure, her manager Bob told her she would receive a disciplinary sanction for her poor performance. Filled with bitterness, she coded a time bomb to wreck havoc on the corporate IT network. At that moment she didn’t realize that this cyber-sabotage would lead her to serve 3 years sentence in prison.
Conceptual Diagram
Related Terms
Insider Threat
Hyperonym
IP Theft
Co-hyponym
Logic Bomb
Hyponym
Quotes
Filter by label (Content by label) | ||
---|---|---|
|
Expand | ||||||
---|---|---|---|---|---|---|
| ||||||
|
Expand | ||||||
---|---|---|---|---|---|---|
| ||||||
|
Bibliography
Anchor | ||||
---|---|---|---|---|
|
Anchor | ||||
---|---|---|---|---|
|
https://open-measure.atlassian.net/wiki/spaces/BIB/pages/1628996151/Moore%2Bet%2Bal.%2B2008
See Also
Filter by label (Content by label) | ||||||
---|---|---|---|---|---|---|
|