Comments on: Step One: become an Insider http://www.gnucitizen.org/blog/step-one-become-an-insider/ Information Security Think Tank Sat, 02 Feb 2013 17:50:40 +0000 hourly 1 http://wordpress.org/?v=3.4.1 By: Eponymous http://www.gnucitizen.org/blog/step-one-become-an-insider/comment-page-1/#comment-80661 Eponymous Tue, 04 Dec 2007 00:29:27 +0000 http://www.gnucitizen.org/blog/step-one-become-an-insider#comment-80661 Linked In is probably worse, because people more consistently disclose their actual titles... Email Subject: Good God you won't believe it! [name of ex-coworker taken from LinkedIn] from [name of old company taken from LinkedIn] has been indicted for fraud! Check out the report! Linked In is probably worse, because people more consistently disclose their actual titles…

Email Subject: Good God you won’t believe it! [name of ex-coworker taken from LinkedIn] from [name of old company taken from LinkedIn] has been indicted for fraud! Check out the report!

]]> By: Marcin http://www.gnucitizen.org/blog/step-one-become-an-insider/comment-page-1/#comment-80276 Marcin Sun, 02 Dec 2007 18:50:53 +0000 http://www.gnucitizen.org/blog/step-one-become-an-insider#comment-80276 The main difference between insiders and outsiders, is the organization in question has control over their insiders. Outsiders on the other hand, are only subject to the jurisdiction of the laws they reside under. This is the point when people and process take over what technology can't handle itself. You're also stepping into economic and industrial espionage legal territories as there are laws in place to protect against such attacks. There is the <em>Economic Espionage Act of 1996</em> here in the USA that makes the theft or misappropriation of a trade secret a federal crime. <strong>So how do we call insiders that has been compromised?</strong> Criminals. The main difference between insiders and outsiders, is the organization in question has control over their insiders. Outsiders on the other hand, are only subject to the jurisdiction of the laws they reside under. This is the point when people and process take over what technology can’t handle itself.

You’re also stepping into economic and industrial espionage legal territories as there are laws in place to protect against such attacks. There is the Economic Espionage Act of 1996 here in the USA that makes the theft or misappropriation of a trade secret a federal crime.

So how do we call insiders that has been compromised?

Criminals.

]]> By: pdp http://www.gnucitizen.org/blog/step-one-become-an-insider/comment-page-1/#comment-79885 pdp Sat, 01 Dec 2007 19:02:11 +0000 http://www.gnucitizen.org/blog/step-one-become-an-insider#comment-79885 yeh you are actually right. but it is all semantics isn't it. but you are right. so how do we call insiders that has been compromised? yeh you are actually right. but it is all semantics isn’t it. but you are right. so how do we call insiders that has been compromised?

]]> By: Richard Bejtlich http://www.gnucitizen.org/blog/step-one-become-an-insider/comment-page-1/#comment-79881 Richard Bejtlich Sat, 01 Dec 2007 18:54:22 +0000 http://www.gnucitizen.org/blog/step-one-become-an-insider#comment-79881 Hello, Great blog! If you join a company, if you are hired by the company as a contractor, or if you are a trusted partner, then you are an insider. Insider means you have authorized access to a resource and you have an approved means to use that resource. You are also provided some degree of instruction on how to use that resource and the data it processes. Anyone else who accesses a company resource is not an insider. He/she is an outsider. An outsider who compromises an employee's system does not become an insider. True, the intruder has probably the same degree of access that the legitimate insider has. Nevertheless, the outsider should not be called an "insider." Hello,

Great blog!

If you join a company, if you are hired by the company as a contractor, or if you are a trusted partner, then you are an insider. Insider means you have authorized access to a resource and you have an approved means to use that resource. You are also provided some degree of instruction on how to use that resource and the data it processes.

Anyone else who accesses a company resource is not an insider. He/she is an outsider. An outsider who compromises an employee’s system does not become an insider. True, the intruder has probably the same degree of access that the legitimate insider has. Nevertheless, the outsider should not be called an “insider.”

]]> By: Keith http://www.gnucitizen.org/blog/step-one-become-an-insider/comment-page-1/#comment-79357 Keith Fri, 30 Nov 2007 14:37:53 +0000 http://www.gnucitizen.org/blog/step-one-become-an-insider#comment-79357 Another interesting area for exploration related to this is Facebook apps. There are no real restrictions on what the apps do or what external websites they connect to. A bit of reading of the developer information reveals many possibilities. Combined with social engineering this has potential. Another interesting area for exploration related to this is Facebook apps. There are no real restrictions on what the apps do or what external websites they connect to. A bit of reading of the developer information reveals many possibilities.

Combined with social engineering this has potential.

]]>