Two recent high-profile security incidents have made headlines across the United States and APAC regions. One was the arrest of United States Coast Guard Lt. Christopher Hasson. The other was the arrest of Yi Zheng, a Chinese national working as a contractor for Australian financial services firm AMP. Hasson was charged with several crimes and accused of being a white supremacist in the middle of planning a terror plot. Zheng was arrested and pleaded guilty to attempting to steal and sell confidential AMP customer data on the dark web.
Security and risk professionals should be extremely interested in these arrests. They show that when organizations have visibility over endpoint behavioral data and the ability to collect and analyze it, malicious insider threats can be detected long before they have a chance to inflict significant damage.
Evidence and behaviors
There was a litany of evidence gathered and behaviors observed on the two men’s endpoints that led prosecutors, AMP and the USCG to conclude that both suspects had drifted across legal boundaries.
In the case of Hasson, prosecutors presented proof showing that he had extremist views, fantasized about mass murder, was possibly targeting prominent government and media personalities for a terror strike, and was making illegal drug purchases.