Overly disgruntled employees turning to malicious hackers
From the experienced human resources leader to the new employee, security awareness training will foster a defence culture that would protect the company against the unprecedented rising ransomware attacks and, now, the malicious employee!
As I reported in January 2022 in Small to medium-sized business owners vulnerable to ransomware, since March 2020, nearly 25 percent of Canadian small businesses have experienced some type of malware attack, according to an October 2021 Leger survey commissioned by the Insurance Bureau of Canada. And employees, the angry, are targets. See also Unforeseen levels of ransomware attacks predicted for 2022
Employee carelessness not a new problem
The same problem remains—careless staff members don’t pay attention to the security of their passwords or miss the phishing warning signs and click on those enticing links and attachments. Employees exposed to malware will bring the malware to the office, even off the job site.
And what about those malicious employees? Some employees are just plain disgruntled or already victims of a hacker. Some are so disgruntled they might be in on the hack and promised a reward for their disloyalty. A hacker may know when to troll the discontented—at a low point when revenge is percolating.
Cybercriminals trolling for disgruntled employees is not new.
A disgruntled employee, known as an insider threat or someone about to be fired, may even create an account on the dark web, presumably to accept a percentage of the company’s ransom payment.
- The company has repeatedly passed them over for promotion.
- They feel cheated out of raises.
- They don’t feel valued by their employer.
- They think they’re being taken advantage of.
- They are jealous of a colleague’s promotion.
- Other people take credit for their work
- A grievance that goes unanswered.
No malicious experience required
The level of knowledge today, even in malicious employees with little on-the-job digital experience, is enough to turn any employee into a hacker. The insider with experience knows company systems, organizational policies, and even IT departments.
Christopher Dobbins, as an example, of Duluth, Georgia, a former vice president of Stradis, a medical device packaging company, in 2021, pleaded guilty to charges of sabotaging electronic shipping records, causing more than $200,000 in damage and delaying the shipment of PPE during the COVID-19 pandemic.
Our Cyology experts understand cybersecurity is encompassing. We are the experts in preventing hackers inside your networks.