Businesses are being warned to guard against disgruntled employees wreaking havoc on company computer systems.
There has been an increase in computer network exploitation and disruption by unhappy or former employees, according to a new warning from the FBI and Department of Homeland Security (DHS). The agencies say that because they have authorized access to sensitive information and to the computer networks companies rely on to function, fired and dissatisfied employees pose a significant cyberthreat to U.S. businesses.
In recent months, the FBI has launched several investigations into cases in which individuals used their access to destroy data, steal proprietary software, obtain customer information, purchase unauthorized goods and services using customer accounts, and gain a competitive edge at a new company.
In many of these situations, the theft of proprietary information was enabled through the use of cloud storage websites and personal email accounts, according to the FBI and DHS. Often, fired employees continued to access their former employer's network via unauthorized remote desktop software that they installed before leaving.
In other incidents, disgruntled and former employees have attempted to extort their employer for money by modifying and restricting access to company websites, disabling content management system functions and conducting distributed denial of service attacks.
These types of incidents can cost businesses thousands and even millions of dollars. A review of recent FBI investigations found that businesses incurred costs ranging from $5,000 to $3 million due to incidents involving disgruntled or former employees. Businesses said the costs stemmed from a variety of factors, including the value of stolen data, the cost of information technology services, the establishment of network countermeasures, legal fees, loss of revenue and/or customers, and the purchase of credit monitoring services for employees and customers affected by a data breach.
To help prevent these incidents, the FBI and DHS offer several recommendations:
- Conduct regular reviews of employee access and delete accounts that aren't needed to perform daily job responsibilities.
- All accounts associated with an employee or contractor should be terminated immediately upon dismissal.
- Change administrative passwords to servers and networks following the release of IT personnel.
- Avoid using shared usernames and passwords for remote desktop software.
- Don't allow the use of the same login and password for multiple platforms, servers or networks.
- Alert third-party service companies that provide email or customer support when employees have been let go.
- Restrict access to cloud storage websites from corporate computers.
- Don't allow employees to download unauthorized remote login applications on corporate computers.
- Maintain daily backups of all computer networks and servers.
- Require employees to regularly change their passwords on corporate accounts, since the default passwords provided by IT staff are never changed.
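Several of these recommendations (access reviews, immediate termination of accounts, no shared remote desktop credentials, no unchanged default passwords) can be checked mechanically. The Python example below is added here and is not part of the FBI/DHS guidance or the original article; it reconciles an HR roster against an account inventory. The record layout, the finding labels and all sample data are constructed for illustration.

```python
from datetime import date

# Constructed sample data (not from the article): HR roster and account inventory.
ROSTER = {  # employee id -> termination date (None = still employed)
    "e100": None,
    "e200": date(2024, 3, 1),
    "e300": None,
}
ACCOUNTS = [  # (name, system, owners, enabled, created, pw_changed, last_login)
    ("jdoe", "vpn", ["e100"], True, date(2023, 1, 5), date(2024, 2, 1), date(2024, 3, 20)),
    ("asmith", "email", ["e200"], True, date(2022, 3, 1), date(2023, 12, 1), date(2024, 3, 10)),
    ("rdp-support", "remote-desktop", ["e100", "e200"], True,
     date(2021, 6, 1), date(2023, 11, 15), date(2024, 3, 18)),
    ("blee", "crm", ["e300"], True, date(2024, 1, 10), date(2024, 1, 10), date(2024, 3, 19)),
    ("vendor1", "helpdesk", ["e999"], True, date(2023, 5, 1), date(2023, 9, 1), None),
]

def audit(accounts, roster):
    """Return (account, finding) pairs for the access-review checks in the list above."""
    findings = []
    for name, system, owners, enabled, created, pw_changed, last_login in accounts:
        shared = len(owners) > 1
        if shared:
            findings.append((name, "shared-credential"))
        # Assumption: a password never changed since creation is still the IT-issued default.
        if pw_changed <= created:
            findings.append((name, "default-password-unchanged"))
        for emp in owners:
            if emp not in roster:
                # Nobody in the HR records answers for this account; needs manual review.
                findings.append((name, "owner-not-in-roster"))
                continue
            left = roster[emp]
            if left is None or not enabled:
                continue
            if shared:
                # Disabling would lock out the remaining users, so the password must be rotated.
                if pw_changed <= left:
                    findings.append((name, "shared-password-not-rotated"))
            else:
                findings.append((name, "enabled-after-termination"))
                if last_login and last_login > left:
                    findings.append((name, "login-after-termination"))
    return findings

if __name__ == "__main__":
    for account, finding in audit(ACCOUNTS, ROSTER):
        print(f"{account}: {finding}")
```

A "login-after-termination" finding means the account was used after the employee left, which is a case for incident response rather than routine cleanup.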
Businesses that believe a former or disgruntled employee has targeted them are encouraged to report the incident to their local FBI office or file a complaint online at ic3.gov.
Originally published on Business News Daily.