Kaspersky Lab reveals cyberrevenge from ex-employee

Information Technology Press Releases Thursday January 31, 2019 13:15
Bangkok--31 Jan--Kaspersky Lab

Parting with employees is part of business. But in some cases it can be painful. Aside from fraying the nerves of managers, disgruntled ex-employees can also cause reputational and financial harm while trying to settle the score.

We look at what such resentment can lead to and how to guard against cyberrevenge.
++ The $200,000 password ++

One potent example of post-employment trouble comes from the online American College of Education. Management there didn't hit it off with system administrator Triano Williams, who worked for the company remotely.

In 2016, the employee filed a racial discrimination complaint against the organization. A short while later, he was offered a relocation to Indianapolis to work in the local office. Williams refused; teleworking was one of his key conditions. As a result, he was dismissed. Although he received a severance package, the IT expert was discontent. He concluded that the whole story about relocating had been concocted because of his complaint. To take revenge on the school, he changed its Google account password, depriving former colleagues of access to e-mail and study materials for more than 2,000 students.

Williams argued that the password was automatically saved on his work laptop, which he returned shortly after being fired. However, according to the college, the former administrator wiped the device before returning it.

The institution asked Google to restore access to the account, but it turned out the profile was registered to Williams' personal account, not the company. The ex-employee's lawyer hinted that his client might be able to remember the lost password in exchange for $200,000 and a positive recommendation from the company.

++ Exhibitory attack ++

Another example involves more active measures post-employment. Richard Neale, cofounder and former IT director of information security company Esselar, departed on bad terms and spent six months plotting his revenge.

To discredit his former colleagues, he waited for the day when Esselar was due to demonstrate its services to a major client, insurance company Aviva. On the eve of the presentation, Neale hacked the mobile phones of about 900 Aviva employees and deleted all information from the devices.

After the incident, Aviva broke off relations with Esselar and demanded GBP70,000 in compensation. But the total reputational losses and potential harm were estimated at GBP500,000 by Neale's former partners. According to the company, his actions were so damaging that Esselar considered a rebrand.

++ A quick and very costly data wipe ++

Also dangerous are employees who only suspect that dismissal might be coming. Mary Lupe Cooley, an assistant director at an architectural firm, saw a newspaper ad seeking someone for her position with her boss's number listed in the contact details.

Assuming she was about to be fired, Cooley deleted project data stretching back seven years, causing damage estimated at $2.5 million. As for the ad, it was for a vacancy at the company of her boss's spouse.
++ How to avoid falling victim to cyberrevenge ++
To prevent ex-employees from harming your IT infrastructure, keep a close eye on their rights and permissions from day one. Here are a few rules for companies that want to stay secure:
  • Keep a log of employees' IT rights, plus accounts and resources to which they have access. Grant additional rights only if you are absolutely sure that the employee needs them. And immediately log this information.
  • Regularly review and revise the lists of rights. Remember to revoke obsolete permissions.
  • Register corporate resources only to corporate addresses. No matter what the advantages of setting up a personal account may be, or how reliable the employee may seem, keep in mind that you have a business relationship that sooner or later will run its course. Domain names, social media accounts, and website control dashboards are ultimately company assets, and it is short-sighted to relinquish their control to staff.
  • Block all access rights and accounts of ex-employees as soon as possible, ideally as soon as you inform them of their dismissal.
  • Do not openly discuss possible staff layoffs and restructuring, and when listing an ad to fill a specific position, remember that it may be seen far beyond the applicant pool.
  • Try to maintain good relations with all employees and a friendly atmosphere in the workplace. Cyberattacks against a former employer are often driven not by greed, but by bruised feelings.

  • Latest Press Release

    The first time in Thailand! #Facebook Gaming #PUBG MOBILE are collaborating in launching the campaign PUBG Mobile Creator Challenge

    To support Thai gaming creator communities, build up the various of eSports contents and create new career opportunities in the streaming era During the "PUBG MOBILE Thailand Championship official partner by AIS" event, There was an announcement of the...

    Low-Code Is the Future - OutSystems Named a Leader in the 2019 Gartner Magic Quadrant for Enterprise Low-Code Application Platforms

    Gartner estimates that "by 2024, low-code application development will be responsible for more than 65% of application development activity." OutSystems, provider of the number one low-code application development platform, was named a Leader in the new...

    Photo Release: AIS joins Huawei to confirm the important alliance after the 5G test via Smart City successfully.

    Mr. Somchai Lertsutiwong, Chief Executive Officer AIS and Mr. James Wu, President of Huawei's Southeast Asia, collaborate as a strategic on the occasion of Prince of Songkla University at Hat Yai campus and NBTC, with AIS to do 5G test in the concept of...

    Summertime and the DDoS is easy: Q2 saw 18% rise in attacks compared to last year

    In the second quarter of 2019, the total number of DDoS attacks grew by 18%,compared to the same period in 2018. Application-layer attacks, which are more difficult to organize and protect against, showed significant growth – increasing in quantity...

    Kaspersky to open first Transparency Center in APAC

    In line with its drive towards building trust in the cybersecurity industry, Kaspersky today announces the opening of its first Transparency Center in Asia Pacific, in partnership with CyberSecurity Malaysia – Malaysia's national cybersecurity...

    Related Topics