Phil Payne wrote:
These days the threat's on the network, and the bearded nutter is sitting safe
in some cave
somewhere. He doesn't necessarily have to get to your system - he can also
attack a system
that your system trusts.
i think there was the vehicle plowing into the lobby of a building ...
early 80s? someplace in maryland? .... after that you definitely saw
datacenters being moved from glass showplace next to the lobby into some
form of bunker ... and around the lobby got all those large concrete
planters.
when we were doing ibm ha/cmp ... we considered a very wide variety of
threats ...
http://www.garlic.com/~lynn/subtopic.html#hacmp
there have been numerous studies ... even recently ... that the majority
of fraud involve insiders ... it is just that the external attacks are
much more likely to make the press.
then there is these recent news article:
Secret Service: Inside Attacks Generally Launched By Problem Employees
http://www.informationweek.com/showArticle.jhtml?articleID=192300415
Study Highlights Insider Threats
http://www.informationweek.com/showArticle.jhtml?articleID=192300421
now, probably by definition, anybody responsible for an insider attack
is likely to be labeled a problem employee.
an older post citing a study that up to seventy percent of ID thefts
involve an insider
http://www.garlic.com/~lynn/aadsm17.htm#38 Study: ID theft usually an
inside job
lots of collected posting about threats, fraud, vulnerabilities, and risks
http://www.garlic.com/~lynn/subpubkey.html#fraud
misc. past posts specifically mentioning insider attacks:
http://www.garlic.com/~lynn/aadsm6.htm#terror8 [FYI] Did Encryption
Empower These Terrorists?
http://www.garlic.com/~lynn/aadsm14.htm#4 Who's afraid of Mallory Wolf?
http://www.garlic.com/~lynn/aadsm16.htm#20 Ousourced Trust (was Re:
Difference between TCPA-Hardware and a smart card and something else before
http://www.garlic.com/~lynn/aadsm17.htm#25 Single Identity. Was: PKI
International Consortium
http://www.garlic.com/~lynn/aadsm18.htm#18 Any TLS server key compromises?
http://www.garlic.com/~lynn/aadsm24.htm#5 New ISO standard aims to
ensure the security of financial transactions on the Internet
http://www.garlic.com/~lynn/aadsm24.htm#10 Naked Payments IV - let's all
go naked
http://www.garlic.com/~lynn/2002e.html#18 Opinion on smartcard security
requested
http://www.garlic.com/~lynn/2002j.html#14 Symmetric-Key Credit Card
Protocol on Web Site
http://www.garlic.com/~lynn/2002j.html#40 Beginner question on Security
http://www.garlic.com/~lynn/2002m.html#46 Encryption algorithm for
stored data
http://www.garlic.com/~lynn/2004f.html#31 MITM attacks
http://www.garlic.com/~lynn/2005i.html#1 Brit banks introduce delays on
interbank xfers due to phishing boom
http://www.garlic.com/~lynn/2005k.html#1 More on garbage
http://www.garlic.com/~lynn/2005v.html#2 ABN Tape - Found
http://www.garlic.com/~lynn/2006k.html#16 Value of an old IBM PS/2 CL57
SX Laptop
http://www.garlic.com/~lynn/2006k.html#33 Password Complexity
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
