CERT just posted this podcast that talks about the different type of attacks that come with insider threats. They break it down into three different kind of attacks:

They also look at some of the specific attacks like setting up backdoor accounts or time and logic-bombs that wipe out suspicious log activity.

CERT has an entire section dedicated to insider threat.

Comments: No Comments