IT Employee Piggybacked on Cyberattack for Personal Gain

Cyber Security Threat Summary:
A former IT employee of an Oxford-based company has been convicted of blackmailing his employer and of unauthorized access to a computer for personal gain. After a cyber security incident at the company, the employee took advantage of the breach by accessing a board member's private emails, altering the original blackmail email, and changing the payment address. He hoped to receive the ransom payment himself. The unauthorized access was discovered, and the employee was traced back to his home, leading to his arrest. Despite initially denying involvement, he pleaded guilty during a recent court hearing and will be sentenced in July.

Security Officer Comments:
This case highlights the threat posed by malicious insiders within organizations. While some insider threats may result from negligence or ignorance, this incident demonstrates a more sinister scenario involving a malicious and opportunistic individual. Malicious insiders leverage their authorized access and privileges to engage in harmful and illegal activities. Organizations need to be vigilant in implementing robust security measures and monitoring systems to detect and prevent such insider threats.

Suggested Correction(s):
Establish strict access controls, ensuring that employees have only the necessary access privileges for their respective roles. Regular monitoring and auditing of employee activities enable the detection of any suspicious behavior. Providing security awareness training to employees helps educate them about the risks of insider threats and encourages the reporting of any unusual activities. Implementing separation of duties, where different individuals are assigned specific responsibilities, minimizes the risk of collusion. Deploying data loss prevention (DLP) solutions assists in detecting and preventing unauthorized access or data leakage by insiders. Lastly, fostering a culture of security that promotes transparency and accountability among employees is essential.

Link(s):
https://www.helpnetsecurity.com/2023/05/24/it-employee-blackmailing-company/