In a note on the US Homeland Security website the FBI said that the insider threat is a very real one, presumably because it has cottoned on to the whole Edward Snowden and NSA thing, and employees represent a "significant risk" to networks and proprietary information. In its advice the FBI suggests that firms be on the lookout for people who look glum, have personal email addresses and use things like Dropbox.
"The exploitation of business networks and servers by disgruntled and/or former employees has resulted in several significant FBI investigations in which individuals used their access to destroy data, steal proprietary software, obtain customer information, purchase unauthorised goods and services using customer accounts, and gain a competitive edge at a new company," the FBI said, recommending that firms look out for poisoned exit strategies.
"The theft of proprietary information in many of these incidents was facilitated through the use of cloud storage web sites, like Dropbox, and personal email accounts. In many cases, terminated employees had continued access to the computer networks through the installation of unauthorised remote desktop protocol software. The installation of this software occurred prior to leaving the company."
Some rascals have left companies only to return and extort them for access to websites and other information, added the note, and the FBI admitted that it spends a fair amount of time looking into such capers and that companies can spend between $5,000 and $3m recovering from them.
The FBI had some recommendations for organisations. First it recommended that companies change network access passwords when someone leaves, and delete that person's credentials from the system. It also said that passwords should not be shared, either by people or systems, and that they should be changed from any defaults.
It didn't say this, but it is also a truism: You should not iron your trousers while you are wearing them.
No comments:
Post a Comment