Page 1212 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
that anyone can use, typically at a cost.

Sabotage

Employee sabotage is a criminal act of destruction or disruption
committed against an organization by an employee. It can become a
risk if an employee is knowledgeable enough about the assets of an
organization, has sufficient access to manipulate critical aspects of the
environment, and has become disgruntled. Employee sabotage occurs
most often when employees suspect they will be terminated without
just cause or if employees retain access after being terminated.

This is another important reason employee terminations should be
handled swiftly and account access should be disabled as soon as
possible after the termination. Other safeguards against employee
sabotage are intensive auditing, monitoring for abnormal or
unauthorized activity, keeping lines of communication open between
employees and managers, and properly compensating and recognizing
employees for their contributions.

Espionage

Espionage is the malicious act of gathering proprietary, secret, private,
sensitive, or confidential information about an organization. Attackers
often commit espionage with the intent of disclosing or selling the
information to a competitor or other interested organization (such as a
foreign government). Attackers can be dissatisfied employees, and in
some cases, employees who are being blackmailed by someone outside
the organization.

It can also be committed by a mole or plant placed in the organization
to steal information for a primary secret employer. In some cases,
espionage occurs far from the workplace, such as at a convention or an
event, perpetrated by someone who specifically targets employees’
mobile assets.

Countermeasures against espionage are to strictly control access to all
nonpublic data, thoroughly screen new employee candidates, and
efficiently track all employee activities.

Many reported cases of espionage are traced back to advanced

