
Disgruntled Staff Pose Insider Threat Risk, FBI Warns

Companies are once again being warned about the security risks to their systems posed by unhappy employees and former members of staff.

The new warning from the FBI and the Department of Homeland Security (DHS) came in a public service notice issued on Tuesday, which told organisations that there has “been an increase in computer network exploitation and disruption by disgruntled and/or former employees.” It adds that organisations risk the theft of their proprietary information, and that staff are facilitating these attacks through cloud storage Web sites, such as Dropbox, and personal email accounts.

It warned that in many cases former staff members retained access to company networks because they had installed unauthorised remote desktop protocol software before leaving the company.

Cloud Hack

Typical attacks have included attempts by disgruntled or former employees to extort their employer for financial gain. Often, these extortion cases have a financial impact on the organisation concerned, with the notice estimating that victim businesses incur significant costs ranging from $5,000 (£3,053) to $3m (£1.8m).

But attacks also include modifying and restricting access to company Websites, disabling content management systems, and conducting distributed denial of service attacks.

“The FBI and DHS assess that disgruntled and former employees pose a significant cyber threat to US businesses due to their authorized access to sensitive information and the networks businesses rely on,” the FBI and DHS’s note said.

“The exploitation of business networks and servers by disgruntled and/or former employees has resulted in several significant FBI investigations.”

It also warned that insiders tended to use their access to corporate systems to “destroy data, steal proprietary software, obtain customer information, purchase unauthorized goods and services using customer accounts, and gain a competitive edge at a new company.”

Safeguarding Advice

There are of course a number of obvious measures that organisations can undertake to minimise the risks posed by unhappy staff, or former employees. This includes regularly reviewing staff access and limiting their access to only the areas they need to do their job.

When a staff member leaves, his or her access should be terminated immediately. When IT personnel leave, all administrative passwords to servers and networks should also be changed. Organisations should also ban the use of shared usernames and passwords for remote desktop protocols, and should not reuse the same login and password across multiple platforms, servers, or networks.

But there are other, less obvious practices that organisations should undertake. This includes letting third-party companies that provide technical support or email support know when an employee has left, so they cannot be duped into granting new access rights. Additionally, companies are advised to block access to cloud storage Web sites from corporate computers.

Staff should also not be allowed to install unauthorised software on corporate computers, and daily backups should be maintained. Staff should also be forced to change their passwords to corporate accounts regularly.
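As an added illustration (not from the FBI/DHS notice or this article) of how two of the checks above can be verified from logs, the Python below takes a constructed HR list of departed accounts and constructed RDP login records, then flags successful logins after an account's leaving date and usernames seen from several source addresses, which is what shared RDP credentials look like in practice. All usernames, addresses and dates are hypothetical.

```python
from datetime import datetime

# Constructed HR offboarding roster (hypothetical): account -> leaving date.
TERMINATED = {
    "jsmith": datetime(2014, 9, 12),
    "contractor1": datetime(2014, 9, 1),
}

# Constructed RDP authentication records (hypothetical), one event per line.
LOG_LINES = """\
2014-09-10T08:01:00 user=jsmith src=10.0.0.5 service=rdp result=success
2014-09-15T22:40:00 user=jsmith src=203.0.113.7 service=rdp result=success
2014-09-15T23:02:00 user=rdpshared src=203.0.113.7 service=rdp result=success
2014-09-16T09:15:00 user=rdpshared src=10.0.0.9 service=rdp result=success
2014-09-16T09:20:00 user=rdpshared src=10.0.0.12 service=rdp result=success
2014-09-17T10:00:00 user=alice src=10.0.0.3 service=rdp result=success
"""

def parse_line(line):
    """Split 'timestamp key=value ...' into a dict with a parsed timestamp."""
    ts, rest = line.split(" ", 1)
    fields = dict(kv.split("=", 1) for kv in rest.split())
    fields["ts"] = datetime.fromisoformat(ts)
    return fields

def parse_log(text):
    return [parse_line(l) for l in text.splitlines() if l.strip()]

def logins_after_termination(events, terminated):
    """Successful logins by accounts HR says have already left: access was
    not revoked at departure, or a backdoor account survived offboarding."""
    hits = []
    for e in events:
        left = terminated.get(e["user"])
        if left and e["result"] == "success" and e["ts"] > left:
            hits.append((e["user"], e["ts"].isoformat(), e["src"]))
    return hits

def shared_account_candidates(events, min_sources=3):
    """Usernames that successfully log in over RDP from several distinct
    source addresses; a threshold of 3 avoids flagging office-plus-home use."""
    sources = {}
    for e in events:
        if e["service"] == "rdp" and e["result"] == "success":
            sources.setdefault(e["user"], set()).add(e["src"])
    return {u: sorted(s) for u, s in sources.items() if len(s) >= min_sources}
```

Run against real authentication logs, both functions produce a review list for the access-review step rather than an automatic block, since HR dates and log timestamps are rarely perfectly aligned.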

Warnings of this nature are nothing new. Last year, a study sponsored by security firm Vormetric found that most organisations do not block privileged users from access to sensitive data.

It also highlighted the fact that one of the biggest data breaches of all time was carried out not by a malicious external actor but by IT contractor Edward Snowden, who was able to take privileged information from the National Security Agency (NSA).


Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
