Lesson 3 Part 4 PDF
Document Details
Uploaded by CooperativeJacksonville
Nanyang Technological University
Tags
Summary
This document details a case study of a person who was identified as a potential insider threat. The individual's actions, including stockpiling weapons and expressing extremist views, were monitored by an effective insider threat program. The case also highlights the risk of cybercrime, specifically the 2023 MGM Resorts hack.
Full Transcript
Lesson 3 Part 4 Okay, so if we look at the indicator of unusual access, this individual fits that title. So Christopher Paul Hassan was 50 years old of Silver Spring, Maryland. He was sentenced to 160 months in federal prison, followed by four years of supervised release on four federal charges, inc...
Lesson 3 Part 4 Okay, so if we look at the indicator of unusual access, this individual fits that title. So Christopher Paul Hassan was 50 years old of Silver Spring, Maryland. He was sentenced to 160 months in federal prison, followed by four years of supervised release on four federal charges, including unlawful possession of unregistered silencers, unlawful possession of firearms, firearm silencers, possession of firearms by an addict to an unlawful user of controlled substance and possession of a controlled substance. So he self-identified as a white nationalist for over 30 years and in writings advocated for focused violence in order to establish a white homeland. Review of his email account, save documents and text messages and internet searches showed that he was inspired by racist murderers, stockpiled assault weapons, studied violence and intended to exact retribution on minorities and those he considered traitors. He admitted that he used various email accounts, including an overseas encrypted email account to order tramadol, which is an opioid from various illegal internet-based distributors. He usually paid for the tramadol by wiring money to individuals in Mexico at the direction of the Mexico-based distributor who then had the tramadol shipped to Hassan, typically in 100 milligram pills. He admitted that he then concealed the tramadol and other packaging at his residence and work and personally took the pills daily while he was at work. Search warrants executed the same day recovered a number of tramadol pills and law enforcement also recovered firearms, rifles, shotguns, pistols, revolvers and silencers and in close proximity to these guns they found multiple magazines that could accept more than 15 rounds of ammunition as well as hundreds of rounds of ammunition. So he was a case of an positive insider threat outcome in that an insider threat hostile act was prevented by an effective insider threat program which included user activity monitoring that identified attack and targeting research and planning and operational covert support. So in summary, an insider threat program that was monitoring him identified his behaviors and his indicators before he was actually able to commit any physical harm against any person. I finally just want to highlight here the risks of social media because this was a really big hack of MGM Resorts International. So back in 2023 a cybercriminal group, an organized crime group called Scattered Spider successfully sent a phishing email to an employee at MGM Resorts. He clicked on the email and they knew what he did because they analyzed his behaviors and his postings on his LinkedIn account and they used the information that he had posted on social media to actually be able to impersonate him and gain access to the business's network using his credentials. It cost MGM about 10 million dollars and 100 million in loss of earnings and 36 hours of downtime and in the hospitality industry that is a huge amount of time.
