Trends of the Cyber Insider Threat and its Impact

Department of Energy’s Office of Radiological Security (ORS) aims to evaluate security systems, including their cybersecurity to enhance the security of high-activity sources, like those used for certain medical applications. In 2021, publicly disclosed attacks of cyber-attacks (i.e., breaches) of healthcare organizations have revealed that internal (or insider) breaches represented 39% of all confirmed incidents . Additionally, trends in the availability of low-cost, highly capable devices, such as the USBSamurai , that provide the cyber insiders stealthy capability to establish persistence in physical security networks through covert wireless channels. The trends in low-cost devices coupled with open-source exploitation platforms (e.g., Kali Linux) will be explored in this paper through a scenario-based discussion following publicly disclosed attacks to illustrate the potential impacts of an attack using these tools and how to successfully prevent, detect, and respond to these attacks. The paper will also explore how to apply the guidance within ORS’ Best Practices Guide to evaluate and enhance the cybersecurity of physical security systems that protect against theft of high-activity sources.