When you think of breaking into computer systems and stealing credit card numbers from retailers, or secrets from the Pentagon, you probably think of shadowy computer hackers in Russia or China. But two UTSA professors have received a $650,000 contraxct from the Department of Homeland Security to come up with ways to halt a far more serious threat, that the generally low paid, young and angry data entry employees or service members will steal data from their own company or agency, either for profit, for a better job opportunity elsewhere, or to ‘get back’ at the boss for some perceived slight, News Radio 1200 WOAI reports.
Nicole Beebe, Director of the Center for Education and Research in Information at UTSA calls it ‘exfiltration.’
“Most companies will make an argument that the insider threat is the most serious threat to their organization, and this is what we are trying to prevent,” she told News radio 1200 WOAI.
She says the research that she and management science Professor Daijin Ko will conduct is building what she calls an ‘insider threat detection system’ that employers and commanders can use to determine which of the individuals in their ranks is likely to be anything from a disgruntled employee of a corporate or government spy.
“What we call ‘data curation,’ to determine when they are collecting that data and getting it out of the institution, that is what we are trying to get signals for,” Beebe said.
She says the system will not attempt to mirror the ‘pre-crime’ techniques of the dystopian movie ‘Minority Report,’ but will instead be an algorithm that can be used to determine if an individual is ‘storing’ data beyond what is necessary for their job.
“We search for an abnormal pattern,” Ko said. “Essentially, we’re watching for an outlier based on how long they’re using the computer, when they are using it, and how they are using it, among other variables.”
Beebe says institutions and businesses are vulnerable because in many cases, low level employees who have a frequent tendency to be angry, and feel abused and vengeful, are often the ones with the most access to data. She points out that former National Security Agency employee Chelsea Manning, who is blamed for the largest single leak of classified U.S. documents in American history, was an Army Private First Class.
“The way our organizations, military, businesses, the way everybody works nowadays, is your access level, your need to know, is defined at a much broader level than, frankly, we need or want.”
She says it is time that American technology ‘rise to this new challenge.’
“That is exactly what we’re doing.”