Insider Threats
eBook - ePub

Insider Threats

  1. 216 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Insider Threats

About this book

"This compendium of research on insider threats is essential reading for all personnel with accountabilities for security; it shows graphically the extent and persistence of the threat that all organizations face and against which they must take preventive measures."

— Roger Howsley, Executive Director, World Institute for Nuclear Security

High-security organizations around the world face devastating threats from insiders—trusted employees with access to sensitive information, facilities, and materials. From Edward Snowden to the Fort Hood shooter to the theft of nuclear materials, the threat from insiders is on the front page and at the top of the policy agenda. Insider Threats offers detailed case studies of insider disasters across a range of different types of institutions, from biological research laboratories, to nuclear power plants, to the U.S. Army. Matthew Bunn and Scott D. Sagan outline cognitive and organizational biases that lead organizations to downplay the insider threat, and they synthesize "worst practices" from these past mistakes, offering lessons that will be valuable for any organization with high security and a lot to lose.

Insider threats pose dangers to anyone who handles information that is secret or proprietary, material that is highly valuable or hazardous, people who must be protected, or facilities that might be sabotaged. This is the first book to offer in-depth case studies across a range of industries and contexts, allowing entities such as nuclear facilities and casinos to learn from each other. It also offers an unprecedented analysis of terrorist thinking about using insiders to get fissile material or sabotage nuclear facilities.

Contributors: Matthew Bunn, Harvard University; Andreas Hoelstad Dæhli, Oslo; Kathryn M. Glynn, IBM Global Business Services;

Thomas Hegghammer, Norwegian Defence Research Establishment, Oslo; Austin Long, Columbia University; Scott D. Sagan, Stanford University; Ronald Schouten, Massachusetts General Hospital and Harvard Medical School; Jessica Stern, Harvard University; Amy B. Zegart, Stanford University

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Insider Threats by Matthew Bunn, Scott D. Sagan, Matthew Bunn,Scott D. Sagan in PDF and/or ePUB format, as well as other popular books in Politics & International Relations & Cyber Security. We have over one million books available in our catalogue for you to explore.

CHAPTER 1

Insiders and Outsiders

A Survey of Terrorist Threats to Nuclear Facilities
Thomas Hegghammer and Andreas Hoelstad Dæhli
Employees are the Achilles’ heel of nuclear installations. Skilled insiders can cause more damage and steal radioactive material more easily than outsiders can.1 All known cases of nuclear theft appear to have involved insiders, as did several cases of sabotage.2 The prospect of a terrorist insider has therefore long worried governments and should continue to do so. But effective countermeasures require a nuanced and empirically based understanding of the threat. This chapter seeks to inform insider-threat assessments by taking stock of what terrorists have said and done in the past with regard to nuclear insider plots.
As we shall see, terrorists have so far displayed somewhat less interest in nuclear insider operations than many have expected. When militants have tried to attack nuclear facilities, they have mostly preferred other methods such as assault. The reason appears to be that prospective attackers are deterred by the sheer difficulty of recruiting insiders. This does not mean that the insider-threat problem is not a serious one; several groups have contemplated nuclear terrorism and would probably not hesitate to use insiders if they could. Our data suggest that some terrorist insider scenarios are more likely than others and that governments can use this insight to better guard against the threat. We notably find that far-right militants have expressed more interest in exploiting nuclear insiders than have jihadi groups. We also argue that infiltration is more likely to occur in the form of an existing insider reaching out to a terrorist group, and it is less likely that terrorist groups will try to plant operatives or “cold call” insiders. This suggests that sting operations designed to undermine terrorists’ trust in insiders who contact them might help further reduce the malevolent insider threat.
The chapter makes two main contributions to the nuclear insider literature. The first is to provide what we believe is the hitherto most comprehensive empirical overview of terrorist efforts to attack nuclear installations using insiders. Scholars have attempted to do this in the past, but the key problem has been a lack of data.3 In recent years, however, a number of new sources and data sets have become available, prompting us to revisit the historical record for evidence on infiltration efforts. In addition to using new data, the study breaks new ground by looking systematically at both declared intentions and actual attempts, and by presenting both large-n data and in-depth case study evidence.
Our second contribution is a new typology of insider operations that can be used to organize historical evidence and think about future threats. We argue that insider operations may take one of four ideal-type forms. The first we call insertion, a process whereby a group plants an existing member in a facility. Second is recruitment, whereby a group reaches out to an existing employee. Third is outreach, whereby an employee reaches out to a group. Fourth is autonomous action, whereby the employee develops terrorist motivations on his or her own and acts independently of outside groups.4 The first two scenario types appear to be quite rare, and most serious terrorist insider cases seem to involve “outreach” or “autonomous action.”
This chapter has important limitations. For one, it is a study of the past, not the future. We do not evaluate the possible impact of emerging tactics such as cyber-based infiltration. History can be a useful analytical starting point, but it does not tell us all we need to know about future threats. Second, our data are bound to contain inaccuracies. Clandestine groups are generally hard to observe, and here we are left dealing mostly with intentions, plans, and attempts because successful insider attacks are so rare. This is the murkiest of murky territories: Terrorists often conceal their intentions, governments sometimes play down security breaches, and both journalists and law enforcement agencies involved in an arrest may exaggerate plots. Moreover, our incident data from non-Western countries such as Russia and Pakistan are much less comprehensive and granular than for Western countries, leaving a potentially significant reporting bias in our data. We have not attempted a comprehensive review of terrorist insider cases at other types of sensitive facilities, which could provide additional analogies on which to draw. Finally, our review of declared intentions is focused on jihadi and far-right groups, which means that we may have overlooked relevant texts and statements by other group types.
We ask three questions: First, what have terrorists said about nuclear insider operations in their publications and internal communications? Second, how often have they attempted nuclear insider operations? Third, what are the most prominent nuclear insider cases, and what can we learn from them? We addressed the first question by trawling secondary literature on terrorist ideologies and searching repositories of extremist literature. For the second question, we built a new data set of serious radiological and nuclear incidents involving terrorists, coding for attack mode. We addressed the final question by selecting four of the most prominent cases and digging deep into the available literature on each. These three research questions also structure our chapter: We look first at terrorists’ sayings, then at their doings, and finally at the specifics of four cases.

Terrorist Views on Nuclear Targets and Infi ltration

Let us start with terrorist literature. We focus on jihadi and far-right groups because these are the two ideological families with the longest and best documented history of interest in chemical, biological, radiological, and nuclear (CBRN) weapons use.

JIHADI GROUPS

No group has been under more intense scrutiny for its possible CBRN ambitions than al-Qaida and its affiliates, and for good reason. The 9/11 attacks demonstrated al-Qaida’s willingness to maximize casualties in the West, an intention repeated in word and deed on multiple occasions thereafter. There is ample textual evidence of jihadi interest in CBRN in general, and there is hard evidence of jihadi actual use of chemical weapons5 and of active pursuit of radiological and nuclear (RN) weapons.6
There is no question that at least some jihadi groups are ideologically open to the use of RN weapons. Al-Qaida’s former leader Osama bin Laden spoke repeatedly of nuclear weapons in positive terms as a capability that Muslims have a duty to acquire.7 An al-Qaida-linked cleric, Nasir al-Fahd, issued a fatwa in 2003 sanctioning the use of weapons of mass destruction (aslihat aldimar al-shamil) against Western civilians.8 A leading strategic thinker, Abu Mus‘ab al-Suri, has written extensively on the strategic utility of such weapons and has argued that “hitting the US with WMD… is vital.”9 In 2009 the leader of al-Qaida’s affiliate in Yemen, Nasir al-Wuhayshi, claimed (falsely) that his group possessed nuclear weapons and planned to use them against the United States.10 Technical documentation on RN weapons has been found in al-Qaida’s possession, and on at least one occasion (the José Padilla case) a RN plot was actively contemplated but was scrapped on feasibility grounds.11 Meanwhile, on jihadi Internet forums, anonymous users have regularly fanta-sized about RN weapons, and they have circulated at least one major technical manual (and several smaller ones) on nuclear weapons.12
Islamic State (IS), the most powerful jihadi group in 2016, has not spoken much about CBRN weapons since rising to prominence in mid-2014. Its leader, Abu Bakr al-Baghdadi, and spokesman, Abu Muhammad al-Adnani, have not raised the topic in their speeches after the caliphate was declared in late June 2014. However, one article in the group’s English-language magazine, Dabiq, briefly mentions a specific hypothetical scenario in which IS acquires a nuclear weapon and smuggles it into the United States for detonation.13 Moreover, as a former al-Qaida affiliate that continues to hold Osama bin Laden in great esteem, IS can be assumed to share al-Qaida’s general views of CBRN weapons as legitimate. As discussed later in this chapter, monitoring of a nuclear insider in Belgium in 2015 by IS operatives may be an indicator of nuclear intent. Last but not least, IS and its previous incarnations have a history of chemical weapons use in Iraq since the mid-2000s and possibly in Syria since 2014.14
We should not exaggerate the relative attention paid to RN weapons in jihadi writings. CBRN-related texts make up a small proportion of jihadi texts on tactics, and among these CBRN-related texts, documents focusing on RN weapons are in a minority.15 Bin Laden himself never actually singled out the Bomb as the unconventional weapon of choice; all of his three statements speak of nuclear weapons alongside chemical (and in two instances biological) weapons. Even Nasir al-Fahd’s infamous fatwa is not about nuclear weapons specifically, but rather CBRN in general (in fact, the word nuclear appears only twice in al-Fahd’s text). In short, jihadi groups have explored multiple ways to kill large numbers of people, and RN weapons are only one of them. Still, al-Qaida has said and written more on RN weapons than have most other terrorist groups.
It is therefore interesting that our review of jihadi texts revealed relatively few statements specifically mentioning nuclear facilities. The declarations of Osama bin Laden and Ayman al-Zawahiri lack any suggestions to attack nuclear facilities, as do the Abbottabad documents released so far. Minbar al-Tawhid wa’l-Jihad, the main online archive of jihadi ideological literature, appears to contain no texts explicitly suggesting such attacks. To our knowledge, the only mention by a senior al-Qaida leader of the idea of attacking a nuclear facility occurs in Khalid Sheikh Mohammed’s interview with al-Jazeera in 2002, in which he said that he contemplated using one of the planes in the 9/11 operation to strike a nuclear reactor.16 However, other groups in the wider jihadi movement have mentioned nuclear installations more frequently, not least the Chechen rebels, who made numerous public threats to attack Russian nuclear facilities in the 1990s and early 2000s.17
On jihadi Internet forums, where anonymous jihadis gather for informal discussions, there has also been talk of targeting facilities. However, even here explicit threats are relatively rare. Our search in the Dark Web Forum Portal (DWFP), which covers a variety of forums, some dating back to 2002, uncovered eight posts that revealed a certain interest in attacking nuclear facilities in the West (see the text box for a summary).
Sample jihadi forum messages expressing interest in attacking nuclear facilities
  1. “Al-Qaida issues statement on the strike against electricity in America” (Montada, August 18, 2003). Post relaying the statement by the “Abu Hafs al-Masri Brigades” (falsely) claiming responsibility for the electricity outage in the U.S. Northeast and Canada. The statement lists fifteen “benefits” of the attack, the eighth of which was “the closing of nine nuclear reactors, which has never happened before and constitutes a powerful economic blow.”
  2. “Can you present al-Qaida with a plan to hit the Americans and the Brits in their own homes?” (Shamikh, December 1, 2007). Short, somewhat cryptic message that reads: “Can you present al-Qaida with a plan to hit the America and Britain in their own homes?...

Table of contents

  1. List of Contributors
  2. Acknowledgments
  3. Introduction: Inside the Insider Threat
  4. 1. Insiders and Outsiders: A Survey of Terrorist Threats to Nuclear Facilities
  5. 2. The Fort Hood Terrorist Attack: An Organizational Postmortem of Army and FBI Deficiencies
  6. 3. Lessons from the Anthrax Letters
  7. 4. Green-on-Blue Violence: A First Look at Lessons from the Insider Threat in Afghanistan
  8. 5. Preventing Insider Theft: Lessons from the Casino and Pharmaceutical Industries
  9. 6. A Worst Practices Guide to Insider Threats
  10. Index