BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Disgruntled Workers Hacking Employers Is On the Rise, FBI Says

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 24 Sep 2014 21:06:54 -0600
http://www.fa-mag.com/news/disgruntled-workers-hacking-employers-is-on-the-rise--fbi-says-19291.html

Employees with an ax to grind are increasingly using Internet cloud
services and other computer tools to hack their current or former
companies, the Federal Bureau of Investigation and Homeland Security
Department said.

The workers use services like Dropbox Inc.’s cloud storage or software that
lets them gain remote access to corporate networks and steal trade secrets
and other data, the agencies said in a public service notice yesterday on a
government Web site. Companies victimized by current or former employees
incur costs “from $5,000 to $3 million,” the agencies said without naming
specific companies or incidents.

The thefts have “resulted in several significant FBI investigations” in
which individuals used their access to destroy or steal data, obtain
customer information and commit fraud using customer accounts, according to
the notice. The alert comes as Home Depot Inc. and JPMorgan Chase & Co.
have confronted hacking attacks suspected of coming from outside the
companies and shows that companies need to be alert to insider threats.

“While corporations devote significant resources to protecting against
external threats, managers must also remain aware of the potential damage
that can be caused from within by employees intent on causing harm to
network systems,” an FBI spokesman, Joshua Campbell, said in a statement.

The hacking also can give an individual a competitive advantage at a new
company, according to the alert.

“Multiple incidents were reported in which disgruntled or former employees
attempted to extort their employer for financial gain by modifying and
restricting access to company Web sites, disabling content management
system functions, and conducting distributed denial of service attacks,”
the agencies said.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: