As a good reminder that you should never discount the insider threat, the news that a disgruntled former employee of Nachrichtendienst des Bundes (NDB) – the Swiss intelligence agency – has been caught exfiltrating massive amounts of confidential information from the agency’s systems has hit the press on Tuesday.
According to Reuters sources who are privy to the details of the ongoing investigation in the matter, the individual in question has worked for NBD – and thusly for Switzerland’s Defense Ministry – for the last eight years.
He was considered to be a talented senior IT technician and has consequently been given administrative access to most of the agency’s networks and servers, from which he transferred terabytes of highly sensitive data via portable storage devices.
The drives and the data was found during a raid on the technician’s home, and it is believed that he intended to sell the stolen information to foreign governments.
The investigators believe that they managed to seize the equipment before he had the chance of finalizing his plan, but the CIA, MI6 and other intelligence agencies who shared their data with the NBD have been informed of the incident just in case.
Signs that something might not be quite right with the technician started earlier this year, when he began failing to show up for work. Still, nobody investigated the reason behind this inconsistent behavior.
The agency began the investigation only after the largest Swiss bank tipped them off about a potentially suspicious attempt to set up a new numbered bank account, and they discovered that the technician was behind it.
A European source has suggested that the reason why no one at the agency caught this earlier was because its human resources staff and its information technology staff were part of the same subdivision, which would make an investigation into one of the division’s employees difficult or confusing.
A Swiss parliamentary committee set up to investigate the data theft is expected to report on its findings next spring.