The malicious hacking employee

February 15, 2022/Terry Cutler/Comments Off on The malicious hacking employee
razvan-chisu-Ua-agENjmI4-unsplash

Overly disgruntled employees turning to malicious hackers

From the experienced human resources leader to the new employee, security awareness training will foster a defence culture that would protect the company against the unprecedented rising ransomware attacks and, now, the malicious employee!

As I reported in January 2022 in Small to medium-sized business owners vulnerable to ransomware, since March 2020, nearly 25 percent of Canadian small businesses have experienced some type of malware attack, according to an October 2021 Leger survey commissioned by the Insurance Bureau of Canada. And employees, the angry, are targets. See also Unforeseen levels of ransomware attacks predicted for 2022

Employee carelessness not a new problem

The same problem remains—careless staff members don’t pay attention to the security of their passwords or miss the phishing warning signs and click on those enticing links and attachments. Employees exposed to malware will bring the malware to the office, even off the job site. 

And what about those malicious employees? Some employees are just plain disgruntled or already victims of a hacker. Some are so disgruntled they might be in on the hack and promised a reward for their disloyalty. A hacker may know when to troll the discontented—at a low point when revenge is percolating. 

Employee anger

Cybercriminals trolling for disgruntled employees is not new. 

A disgruntled employee, known as an insider threat or someone about to be fired, may even create an account on the dark web, presumably to accept a percentage of the company’s ransom payment. 

  • The company has repeatedly passed them over for promotion. 
  • They feel cheated out of raises. 
  • They don’t feel valued by their employer. 
  • They think they’re being taken advantage of.
  • They are jealous of a colleague’s promotion. 
  • Other people take credit for their work
  • A grievance that goes unanswered.

No malicious experience required

The level of knowledge today, even in malicious employees with little on-the-job digital experience, is enough to turn any employee into a hacker. The insider with experience knows company systems, organizational policies, and even IT departments. 

Christopher Dobbins, as an example, of Duluth, Georgia, a former vice president of Stradis, a medical device packaging company, in 2021, pleaded guilty to charges of sabotaging electronic shipping records, causing more than $200,000 in damage and delaying the shipment of PPE during the COVID-19 pandemic.

Our Cyology experts understand cybersecurity is encompassing. We are the experts in preventing hackers inside your networks. 

Watch our latest video to save your business from Cyber Attacks – https://youtu.be/Z4eKHxE6mnU or head over to https://www.cyologylabs.com/start to learn more!

Posted in , , ,

Terry Cutler

I’m Terry Cutler, the creator of Internet Safety University, an educational system helping to defend corporations and individuals against growing cyber threats. I’m a federal government-cleared cybersecurity expert (a Certified Ethical Hacker), and the founder of Cyology Labs, a first-line security defence firm headquartered in Montréal, Canada. In 2020, I wrote a bestselling book about the secrets of internet safety from the viewpoint of an ethical hacker. I’m a frequent contributor to National & Global media coverage about cyber-crime, spying, security failures, internet scams, and social network dangers families and individuals face daily.