Old truisms die hard, especially if their advocates have a vested interest in keeping them alive. That part of academia which has shackled insider threat to the exclusive service of cyber security alarmists of late also tends to repackage its workplace violence practice in order to sell well rehearsed platitudes under a different banner. Not that the platitudes are irrelevant – especially when applied to rampage killers and the threat they present to the workplace. But to cast all insider threats as either nascent cyber or violent attacks is to miss something. That something is precisely what surfaced as recent carnage at the In Amenas natural gas pipeline facility in Algeria.
News reports like this one from the Daily Mail (http://www.dailymail.co.uk/news/article-2265518/Algeria-crisis-Algerian-forces-Canadians-Frenchman-bodies-gas-plant-gunmen.html ) register alarm at how non-swarthy, stereotype-defying expatriates may have played a pivotal role in the recent terrorist attack on a gas plant in Algeria. To an informed analyst of insider threats, however, this phenomenon should come as no surprise.
Indeed, this kind of insider threat falls so much into line with my 2008-2009 thesis research (about which more, at the end) findings as to appear inevitable. Specifically, my delphi research suggested that an infiltrator gaining access as a new hire could amass enough insider information to advance such an attack by staying no longer than the institution's probation period, rather than having to be a sleeper or disgruntled insider working in place for many years in order to get the keys to the kingdom or intricate knowledge to support an attack that is fatal to the organization.
True, my social sciences research did not attain the precision of mathematics or the hard sciences. But the insights of the delphi group did align unusually well here. The other point, which one particular delphi member from the energy sector raised in my research, was that it can be so hard to find qualified and employable people willing to accept entry-level jobs these days, that the whole enterprise becomes predisposed to hire them and rush them through screening and even the probation process. Perhaps it was precisely this Achilles' heel that was exploited in Algeria.
This particular epiphany aligns equally well with another long-term observer’s findings that today’s traitors are less likely to be a disgruntled careerist with a personal axe to grind or pockets to fill by betrayal, so much as an ideologically, self-funded trust betrayer animated more by divided loyalties than by profit motives. Watch for more of these kinds of insiders to be catalyzing or enabling attacks on infrastructure and industrial sites in the future.
[Sources: For particulars on the foregoing research findings, refer to the Available Materials tab at www.NoDarkCorners.com, which supplies details on where to find this information, some of them free of charge, such as the 2010 article, “No Dark Corners: A Different Answer to Insider Threats,” in the peer-reviewed journal, Homeland Security Affairs(available at http://www.hsaj.org?article=6.2.5). For the study of espionage identifying the new trend cited above, see Katherine L. Herbig’s Changes in Espionage by Americans: 1947-2007, Technical Report 08-05, by the Defense Personnel Security Research Center, March 2008. References to Herbig’s study also appear in greater context in Chapters 1 and 2 of Managing the Insider Threat: No Dark Corners, Baton Rouge: CRC Press, 2012, available at Amazon.com.]
-- Nick Catrantzos
