ABSTRACT
This chapter explores the efforts of social engineering attacks by insiders. Insiders who do steal data or information usually have an idea of what they will do with them, or who outside the organization considers the data to be of value enough for somebody to steal. The Internet can also provide a communication platform for insiders to stay in contact with outside co-conspirators regarding their actions or the types of information they should look for and misappropriate. There have been numerous incidents of insiders attacking information systems. Some attacks occur for revenge or out of anger against the organization or managers and staff. The National Insider Threat Task Force was established after the WikiLeaks release of thousands of classified documents through the global media and the Internet. Access control is the fundamental basis of computer security, but remains a relative weakness in dealing with everyday threats, especially those posed by insiders.
