10. References
The following primary sources are cited in this guide. For DOJ criminal matters, press releases and criminal complaints are cited; where the original filing URL has changed, the relevant DOJ press office page is provided as an entry point.

Note: References [1] and [2] are supplementary industry survey context cited in §1; they are not primary sources for detection claims.

| # | Source | Notes |
|---|---|---|
| [1] | Cybersecurity Insiders. 2024 Insider Threat Report. 2024. | Self-reported industry survey; methodology and sampling are not independently audited. Use statistics with appropriate caveats. |
| [2] | Verizon. 2025 Data Breach Investigations Report. 2025. | DBIR "internal actor" category includes both malicious insiders and negligent human error. Not all internal-actor incidents represent malicious insider cases. |
| [3] | Ponemon Institute / DTEX Systems. 2023 Cost of Insider Risks Global Report. 2023. | Sponsored research; self-selected survey methodology; reported figures reflect participating organisations only. |
| [4] | Carnegie Mellon University SEI CERT Division. Common Sense Guide to Mitigating Insider Threats, Seventh Edition. 2022. https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=552459 | Primary source for CERT case statistics, taxonomy, kill chain model, and sector study statistics cited throughout this guide. |
| [5] | US Army / DOJ. United States v. Bradley (Chelsea) Manning. Court-martial record, 2013. | Primary court-martial records and DOJ charging documents are the authoritative source. |
| [6] | NSA Office of Inspector General. Report on the Unauthorized Disclosure of Classified Information by Edward Snowden (partially declassified). 2016. | Available in partially declassified form via ODNI and congressional record. |
| [7] | US DOJ, USAO NDCA. United States v. Sudhish Kasaba Ramesh. Press release, 2020. https://www.justice.gov/usao-ndca/pr/former-cisco-engineer-sentenced-two-years-federal-prison-intentionally-damaging | |
| [8] | US DOJ. United States v. Xiaoqing Zheng. Indictment, 2019; Conviction press release, 2023. https://www.justice.gov/opa/pr/ge-engineer-and-chinese-businessman-charged-economic-espionage-and-theft-trade-secrets | |
| [9] | US DOJ, SDNY. United States v. Nickolas Sharp. Press release, 2023. https://www.justice.gov/usao-sdny/pr/former-employee-ubiquiti-sentenced-six-years-prison-stealing-confidential-data-and | |
| [10] | Tesla, Inc. v. Tripp and related proceedings; Handelsblatt reporting, 2023. | Primary legal filings are the authoritative source. |
| [11] | US DOJ, USAO District of NJ. United States v. Roger Duronio. Press release and sentencing documents, 2006. https://www.justice.gov/archive/usao/nj/Press/files/pdffiles/Duroniosen.pdf | |
| [12] | US DOJ, USAO NDCA. United States v. Anthony Scott Levandowski. Press release, 2020. https://www.justice.gov/usao-ndca/pr/google-self-driving-car-engineer-pleads-guilty-federal-trade-secret-theft-charges | |
| [13] | UK Supreme Court. Wm Morrison Supermarkets plc v Various Claimants [2020] UKSC 12. https://www.supremecourt.uk/cases/uksc-2018-0090.html | Supreme Court reversed Court of Appeal findings; Morrisons was NOT vicariously liable. |
| [14] | US DOJ, USAO NDCA. United States v. Reyes Daniel Ruiz. Press release, 2019. https://www.justice.gov/usao-ndca/pr/former-yahoo-employee-pleads-guilty-computer-intrusion | |
| [15] | US DOJ, USAO WDWA. United States v. Volodymyr Kvashuk. Press release, 2020. https://www.justice.gov/usao-wdwa/pr/software-engineer-sentenced-9-years-defrauding-microsoft-10-million | |
| [16] | Office of the Privacy Commissioner of Canada. Investigation Report into Desjardins Group's compliance with PIPEDA, 2020–001. 2020. https://www.priv.gc.ca/en/opc-actions-and-decisions/investigations/investigations-into-businesses/2020/pipeda-2020-001/ | |
| [17] | US DOJ, USAO NDCA. United States v. Ahmad Abouammo. Press release and verdict, 2022. https://www.justice.gov/usao-ndca/pr/former-twitter-employee-found-guilty-acting-agent-foreign-government-kingdom-saudi | |
| [18] | US DOJ, USAO SDNY. Former Employee Of New York Credit Union Charged With Unauthorized Computer Access. Press release, 2021. https://www.justice.gov/usao-sdny/pr/former-employee-new-york-credit-union-charged-unauthorized-computer-access-and | |
| [19] | Mandiant / Google Cloud Security. M-Trends 2025: Threat Intelligence Report. 2025. https://cloud.google.com/blog/topics/threat-intelligence/m-trends-2025 | Cited for external attacker dwell-time comparisons and enterprise detection trend context. |
| [20] | CISA. Insider Threat Mitigation Guide. 2020. https://www.cisa.gov/resources-tools/resources/insider-threat-mitigation-guide | |
| [21] | ODNI National Insider Threat Task Force. Insider Threat Program Maturity Framework. 2018. https://www.dni.gov/files/NCSC/documents/nittf/NITTF_Insider_Threat_Program_Maturity_Framework.pdf | Operational guidance framework for US government programmes; referenced for monitoring boundary guidance, not as legal authority. |
| [22] | European Data Protection Board / Official GDPR text. Articles 6, 13, 35. https://gdpr-info.eu/ | |
| [23] | Office of the Australian Information Commissioner. Employee Records Exemption. https://www.oaic.gov.au/privacy/privacy-guidance-for-organisations-and-government-agencies/workplace-privacy/employee-records-exemption | |
| [24] | Mandiant (formerly FireEye). SUNBURST Additional Technical Details. December 2020. | Original URL retired; archived at Internet Archive. Cited for documented use of low-entropy subdomain DGA in C2 channel, which evades DNS entropy-based detection heuristics. |
| [25] | NLRB, Office of the General Counsel. Electronic Monitoring and Algorithmic Management of Employees. GC 23–02. October 2022. https://www.nlrb.gov/news-outreach/news-story/nlrb-general-counsel-issues-memo-on-electronic-monitoring | Note: GC 23–02 was rescinded in February 2025 by Acting GC Cowen via GC 25–05. Cited as documented point-in-time position; no longer reflects current NLRB GC guidance. |