The FBI and DHS have issued a warning to businesses about the increase in security incidents involving malicious insiders (current or former employees, contractors, or other business partners).
“The exploitation of business networks and servers by disgruntled and/or former employees has resulted in several significant FBI investigations in which individuals used their access to destroy data, steal proprietary software, obtain customer information, purchase unauthorized goods and services using customer accounts, and gain a competitive edge at a new company,” they noted.
“The theft of proprietary information in many of these incidents was facilitated through the use of cloud storage Web sites, like Dropbox, and personal e-mail accounts. In many cases, terminated employees had continued access to the computer networks through the installation of unauthorized remote desktop protocol software. The installation of this software occurred prior to leaving the company.”
There have also been a few extortion attempts in which disgruntled or former employees tried to extract money from their employer by modifying and restricting access to company Web sites, disabling content management system functions, and conducting DDoS attacks.
The Bureau notes that security incidents involving insiders can cost a company a pretty penny, and has shared a set of recommendations for organizations that want to prevent such incidents.
These include terminating employees’ access to accounts they don’t need, terminating dismissed employees’ or contractors’ accounts immediately, changing any administrative passwords they had knowledge of, preventing employees from accessing cloud storage Web sites and from downloading unauthorized remote login applications on corporate computers, and more.