Insider Threat Problem is a Growing Issue

A US government worker has been arrested and charged with spying for Ethiopia. The problem is so bad that companies with government contracts have to create an insider threat program, provide annual training for all employees and designate an officer to be the Insider Threat Program Senior Official (ITPSO) – the person who will get be accountable in case of a problem.

In this case, the Maryland resident, 50, was a help desk tech for the State Department at night and a contractor for the Department of Justice during the day.

He held a top-secret clearance, which, in theory, means that the government did an extensive background check so the person should be a low risk.

According to the criminal complaint, between December 2022 and August 2023, he copied, printed and downloaded classified and top-secret information from more than 100 intelligence reports.

After doing this, he (allegedly) transmitted classified national defense information including documents, photographs, notes, maps and other data over an encrypted messaging app.

He received thousands of dollars for the stolen data. He tried to deposit $11,773 in cash at a Maryland bank and tried to get the bank not to file a suspicious activity report (SAR) as required by law. The good news is that crooks are, in many cases, stupid.

The feds only accidentally discovered this when they were investigating another breach – Air National Guard Airman Jack Teixeira. If it weren’t for that, they probably would not have discovered this.

Do you have an insider threat program or do you think it is not going to happen to you? Need help? Please contact us. Credit: The Register

by