FBI warns cyber sabotage, extortion by disgruntled employees rising

Disgruntled workers are increasingly exacting their revenge on their employers by using their access to company computers to engage in cyber-sabotage, the FBI is warning. Others are using their access to extort money from their employers by threatening sabotage.

The FBI has engaged in numerous “significant” investigations in recent months involving employees who used their access to company servers to destroy data, steal customer information, make unauthorized charges to company accounts and steal trade secrets.

Financial damage varies widely, but has climbed as high as $3 million in some cases. The FBI alert did not identify any of the companies related to the investigations or give a time frame for any of the incidents. Some companies, such as Target and Home Depot, have been hit by high-profile cyber security attacks in the last year, though the sources of the attacks are not clear.

Some hacking activities continued long after the employee had been fired from the company. “In many cases, terminated employees had continued access to the computer networks through the installation of unauthorized remote desktop protocol software,” noted a joint alert from the FBI and the Department of Homeland Security sent out earlier this week.

In multiple other cases, nothing was stolen or destroyed, but current and former employees threatened to restrict access to company websites, disable content management system functions or conduct denial of service attacks unless the company paid them extortion money.

“It’s the inside threat that has always been at the top of the list,” said Frank J. Cilluffo, associate vice president and director of George Washington University’s Homeland Security Policy Institute. It’s easier to attack if you already have a level of inside access, he noted.

That the FBI is reporting an increase is notable because many crimes are never reported to law enforcement in the first place, Cilluffo added.

A 2014 survey of cybercrime by Carnegie Mellon University and funded by the Department of Homeland Security found that three-fourths of the time the companies dealt with “inside intrusions” internally and did not disclose the incident to authorities.

Cilluffo added that the recent, high-profile government breaches by Chelsea Manning and Edward Snowden also may have prompted law-enforcement officials to take a closer look at inside jobs.

The FBI recommends that businesses conduct regular reviews of their Internet security protocols, back up all key information and terminate all accounts associated with employees or contractors after their dismissal.

Related Content