The National Counterintelligence and Security Center (NCSC) and the National Insider Threat Task Force (NITTF) have declared September 2020 as Insider Threat Month. Given the plethora of cases involving insiders of late, the timing is impeccable. For those responsible for handling insider threat programs within their entity, they may wish to point their constituents to the events being hosted this month by the NCSC, NITTF, DoD Undersecretary for Intelligence and Security, Defense Counterintelligence and Security Agency (DCSA), the FBI, and Department of Homeland Security (DHS).
The goal of focusing on insider threats this month is to sensitize employees and organizations on the overall threat and encourage employees to report anomalous behavior. Furthermore, it helps to ensure employees understand how their unintentional deviation from established processes and procedures designed to protect information may cause harm to their entity.
NCSC Director William Evanina shared his optic on the malevolent insider, “Most insider threats display concerning behaviors before engaging in negative events. Our objective is to help government and corporate organizations get ahead of the problem by bolstering their insider threat programs so they can detect, engage and assist at-risk employees before they go down the wrong path.
“COVID-19 has posed new challenges — with employees subject to new stresses and more of them working from home — and we’ve been working with partners to enhance their employee engagement,” said Evanina.
Insider Threat Awareness Is Required
Since the 2011 Executive Order all federal agencies with access to classified information are required to have their own insider threat detection and prevention programs.
As evidence of the insider threat, the NCSC offered up a selection of arrests and prosecutions involving insiders. Here are their generic descriptions; many of these have been detailed within ClearanceJobs:
- We add the August 22 arrest of Egor Igorevich Kriuchkov who attempted to bribe an insider within Tesla with $1 million. The Tesla insider declined the bribe and reported the approach. A win for Tesla’s insider threat program.
- On August 21, an individual was arrested for conspiring to provide Russia with classified information, including while he served in the U.S. Army Special Forces. – This is Peter Debbins, whose arrest we unpacked in our three part series (Part 1 – Russian Espionage exposing the mole in the Special Forces, Part 2 The GRU recruitment and handling of the mole, Peter Debbins, Part 3 where Debbins segues into the U.S. intelligence and defense communities.)
- On August 14 an individual was arrested for conspiring to provide China with classified information, including while he worked as a contract linguist for the FBI. – This is Alexander Yuk Ching Ma who penetrated FBI Honolulu on behalf of the Chinese MSS.
- On July 30 an individual pleaded guilty to conspiring to steal medical trade secrets from her employer, the Research Institute at Nationwide Children’s Hospital in Ohio, to benefit a company she and her husband formed in China.
- On February 27 an individual was sentenced to prison for stealing trade secrets worth more than $1 billion from his employer, a U.S. petroleum company. – This is Hongjin Tan who was a “materials scientist” within the Disruptive Technologies team at Phillips 66 Research Center in Bartlesville, OK.
- On January 31 an individual was sentenced on weapons and drug charges after a successful insider threat investigation indicated he was planning acts of violence and stockpiling weapons while working at the U.S. Coast Guard, leading to his arrest.