Increasingly, reports of cybercrime are taking over headlines.
Attacks on major enterprises, government agencies or people in the public eye, are taking a front seat in the arena of national and international concerns. Even Trump is talking about making cybersecurity a priority and this is someone who knows all the best words.
While these stories might amuse us they are also indicative of something a little graver. As we reach towards our brave new world, armed with gadgets, shrouded in broadband, as dependent on the internet as a deep-sea diver is to their oxygen tank, we are also making ourselves more vulnerable to the whims and plots of bad guys.
Who the heck are these bad guys?
Angry employees, hacktivists, organized crime, state-sponsored cybercriminals and mischief makers. In a series of short, but informative, JIG articles, we’re going to examine these five different threats and shed some light on their dubious, (and sometimes hilarious) motivations.
Our first article, Insider Attacks looks at slighted, unhappy employees who cost their employers millions. Employers take note!
PART 1 – INSIDER ATTACKS
It’s now common practice to escort a newly terminated employee off work premises to allay the risk of sabotage, theft or damage to work property. The fired employee is a risk for months after they’ve been let go, especially if the proper precautions are not observed.
More than half of malicious insider attacks were former employees who regained access via back doors that were never properly disabled. But there’s also the unhappy currently employed employee. A disgruntled employee could simply be so fed up with the powers-that-be that the idea of selling sensitive business information to ready buyers online is a no-brainer.
5 FAMOUS INSIDER ATTACKS
Terry Childs – A Network Administrator for the city of San Francisco who refused to divulge password information to his supervisors and tampered with network.
Micky Joe Mitchell – After finding out he was going to be fired, this man wreaked vengeance on his employers, an oil and gas company, by resetting their servers and disabling essential equipment in their systems.
Karmarian Millender – A hospital worker steals identities of patients as part of an identity theft ring
Sam Chihlung Yin – A Gucci employee finds out he’s fired and follows up with rampage that cost the company $200, 000 to clean up.
Timothy Allen Lloyd – After being fired from the company he worked at for 11-years this network administrator unleashed a ‘hacking time bomb’ that cost $2 million to clean up and $10 million in revenue.
“Insider threats can emerge from individuals who exploit legitimate access to the cyber assets of an organization for unauthorized and malicious purposes, or who unwittingly create cyber vulnerabilities” says Adam Hatfield Senior Director, Canadian Cyber Incident Response Centre, Public Safety Canada.
“Today, insider cyber security mitigation demands the same commitment as corporate reputation and safety management. Every employee, from the front line to the C-suite, must be engaged.” (from Canada NewsWire: “Defending Canada from the Escalating Threat of Cybercrime”)
That’s all fine and good if you’re worried about the bottom line.
But there’s an even more serious threat facing Canadians and insider staff are the focus of attention. A federal briefing on the threat of insider attacks was delivered last December to leaders of 10 critical infrastructure sectors. Notes from the event point out that 90% of key infrastructure – food delivery systems, to clean water to banking and electrical grids – are dependent on IT in one way or another.
“The insider threat is difficult to detect and can cause real damage,” the notes read. All an insider needs is a USB key loaded up with malicious code and they’re away to the races. They require no special hacking skills, just the desire to disrupt the lives of millions of Canadians.
In light of all this, employers may be wondering what they have to do to prevent potentially unhappy employees from destroying their business. Is it time for them to start treating their employees with baby gloves? Do they re-brand ‘firings’ and start kindly ask underperforming, moody, and chronically absent employees to be ever so kind and discontinue giving them the pleasure of providing them with a salary?
There are many things employers can do to protect their data and chief among them, control and monitoring access. Only give access to sensitive data to those who need it.
Monitor and provide audit trails for all activity such as file changes, network alterations and data updates are great ways to deter this kind of activity if users know their actions are being logged. Don’t delay, talk to your IT managers and providers today to make sure your IT system are as safe as they can be.