Not every cyberattack is an outside job. The FBI and Department of Homeland Security warned this week of an increase in attacks against businesses by current and former employees — disruptions that can cost companies millions of dollars to address.
So how does it happen?
Say a worker is fired. Escorted out. Email shut down. Her old company could still be vulnerable to digital retaliation, like the destruction of data or the theft of proprietary information.
Cameron Camp, a security researcher with ESET North America, says IT workers in particular tend to have a backdoor login.
“It would be like trying to get into your old apartment,” he says. “You know which key gets in to the back way that nobody else knows about. And you also know the lay of the land.”
The FBI did not provide data on how many companies have had their networks disrupted by disgruntled or former employees. It did say it can cost companies thousands, even millions of dollars to repair damage from stolen data, to add network countermeasures and to purchase credit monitoring services for employees and customers in the aftermath of a data breach.
You don’t have to be an IT professional to create that kind of damage, though. The FBI is warning that the business use of personal email and cloud storage websites, like Dropbox, make theft easier. Think how often we exchange work information through informal channels.
“When you have company resources flowing through systems that are not under company control, when somebody leaves they still have access,” says Dan Kaminsky, chief scientist of the anti-fraud firm White Ops.
Security researcher Cameron Camp says companies should have single sign-in systems. That means employees log in the same way for everything, including email, remote access and even cloud properties. That way all access can be shut down at once.
There’s another thing companies can do, he adds.
“Be nice to your employees.”
Plus, that’s free.
As a nonprofit news organization, our future depends on listeners like you who believe in the power of public service journalism.
Your investment in Marketplace helps us remain paywall-free and ensures everyone has access to trustworthy, unbiased news and information, regardless of their ability to pay.
Donate today — in any amount — to become a Marketplace Investor. Now more than ever, your commitment makes a difference.