
Companies face constant threats from former employees, contractors

A new report released by Cisco indicates that IT experts who have been laid off and cannot find new employment may turn to internet crime to support themselves.

In addition to targeting random people, disgruntled employees may also target former employers, Cisco warns, noting that insiders familiar with security flaws at a former employer are especially dangerous.

Any company that uses short-term IT workers or contracted workers should pay close attention and "be particularly vigilant about the level and term of their access to sensitive data," Cisco said in its report.

The FBI arrested a former employee of the Federal Reserve Bank of New York, an information technology analyst, who was caught receiving loans under stolen identities.  Authorities discovered a flash drive that had loan applications totaling $73,000.

Companies are becoming increasingly concerned about former employees who leave the company with sensitive information, and who may know how to continue accessing protected files and information from outside the company.

There is also a threat from botmasters -- normally tech-savvy criminals -- who spam millions of people.  Cisco spoke with one botmaster who said he knows someone able to make $5-10K weekly simply by phishing bank accounts from unsuspecting people.

IT experts must find ways to allow employees and contractors to have access to sensitive material, but ensure they are unable to take information away from the office.  Some companies ban employees from using USB keys from outside the office, or from plugging an MP3 player into a computer while at work.

Another noticeable problem is that laptops and other portable devices are being stolen, lost, or sold while containing sensitive material.  The U.S. military recently recovered an MP3 player from someone who discovered troop deployments and other government information on a music player he had purchased from a local secondhand store.

Comments

In other words...
By ryedizzel on 7/15/2009 2:21:54 PM , Rating: 5
...start hiring unemployed IT guys before we hack ur Internetz!!1

Seriously though, what is the point of making that official statement?

RE: In other words...
By FITCamaro on 7/15/2009 2:49:52 PM , Rating: 2
Yeah I'm kind of with you. Why bring this up and give them ideas?

RE: In other words...
By DigitalFreak on 7/15/2009 2:57:49 PM , Rating: 5
Probably to try and scare companies into buying more Cisco security equipment.

RE: In other words...
By borismkv on 7/15/2009 3:38:23 PM , Rating: 2

Specifically Cisco CSA 6. It is capable of locking down and auditing access to sensitive files and preventing copies to any type of media. In combination with a Cisco MARS, you can do a whole hell of a lot to stop this type of thing from happening. Realistically, though, the majority of the problem stems from under-educated and under-certified IT personnel that fail to follow industry best security practices. Either because they are too lazy or they are unaware. In particular, separation of duties (it's a lot harder to separate the duties of your IT staff when you fire half of them).

RE: In other words...
By Runiteshark on 7/15/2009 4:05:55 PM , Rating: 2
I got to use those at my last job, it's pretty sweet. Although, I can't quite understand why more companies don't use it. Where I worked we had a massive Cisco discount.

RE: In other words...
By borismkv on 7/15/2009 7:53:18 PM , Rating: 2
Retail prices on Cisco DLP are usually about 50 bucks per system. On top of the 50 bucks per CSA license.

RE: In other words...
By HinderedHindsight on 7/15/2009 4:21:35 PM , Rating: 4
Even the best security practices cannot prevent some disgruntled employee with administrative access from stealing data. This has nothing to do with lazy/undereducated/undercertified IT personnel.

Why is it people (especially the techies themselves) seem to be overly critical of underskilled people, yet don't look at the practices of companies who hire them in the first place? Why does the adage "you get what you pay for" seem to apply to everything except employment?

These days, more companies are treating human technical resources (especially IT staff) as transient temp workers rather than important assets within their enterprise. Many companies don't invest in their technical employees (with cert courses, education, etc), underpay them, and in some cases, hold them under the lingering threat of job loss to outside contractors and outsourcing.

These practices that were created with the intent of saving money in the short run end up hurting the companies who implement them. Companies are willing to pay their finance people well to ensure they don't skim cash out of the bank accounts, why don't they apply the same policy to the people who hold all the keys to their data?

The point I'm trying to make is that there is no systemic or technical solution that a business can implement that will solve the human problem that companies create for themselves. Bad hiring practices, not investing in employees (in terms of salary, benefits and training), and outsourcing produce very ripe conditions for data theft.

RE: In other words...
By Lord 666 on 7/15/2009 4:38:59 PM , Rating: 2
I was at Cisco Networkers in San Fran this year. Actually had the pleasure to be in a session on Data Loss Prevention with a Cisco speaker who is also ex-CIA. Real sharp guy who also has a PhD.

Anyway, asked him a scenario of people accessing systems remotely and copying client information with pen and paper. In other words, a situation where as an employee they are entitled to the information. His response was even with anomaly detection to find a sudden increased usage, the best defense against a lone gunman situation is written policy. Policy written with the terms that if clients ever move from company A to B that happen to be under your management, if they EVER leave to go to another company that the ex-employee also works at, the ex-employee would be liable. No sunset period or expiration of 18 months.

While non-competes have traditionally been found not to hold much legal weight as people need to make a living, stealing clients should not be covered by that.

RE: In other words...
By HinderedHindsight on 7/15/2009 5:07:56 PM , Rating: 2
I'm not sure how much this example applies; we're talking about data theft and security which takes on more forms than just clients shifting from one company to another because a sales person moved.

And again, all these issues can be mitigated by proper hiring practices, investing in your employees/paying them enough for the job they perform, and ensuring their job security. This is a much better solution for everyone involved than spending money on costly lawsuits, etc.

RE: In other words...
By Lord 666 on 7/15/2009 5:30:29 PM , Rating: 2
You're assuming too much from my example as there is much more to it. There are many types of "clients." My example is extremely relevant to data theft and security. By having a "forever" policy in place, it attempts to shift responsibility from the employer that is bound by federal/state/local regulations to the employee/ex-employee.

Proper hiring practices? Good employees can easily turn bad, be motivated by money, or just want to start their new job with a jump start. Believe it or not, the Cisco/ex-CIA person said it starts with the culture and essentially pounding it into people's heads frequently with the "forever" policies.

RE: In other words...
By corduroygt on 7/15/2009 6:28:01 PM , Rating: 2
A "forever" policy may be challenged in court and lose, but a sunset period is reasonable.

RE: In other words...
By Targon on 7/15/2009 5:00:21 PM , Rating: 2
It becomes a networking issue when thousands of systems are hacked/compromised. Botnets and such CAN be shut down if they use standard ports, or even when it comes to identification of how the information is transferred, a firewall could hold the solution for shutting that sort of thing down.

So, security...Cisco knows that equipment is only one side of what they offer, so by showing they understand security concerns, they gain more respect by raising a valid issue. We NEED to see more people in IT hired in this country rather than just outsourcing jobs to India.

Sensationalist Bull *$## and Nothing More
By iFX on 7/15/2009 5:24:53 PM , Rating: 2
A thief is a thief is a thief. The fact that a person stealing company data is an IT person, or an unemployed IT person is irrelevant. This is a hit piece on IT people plain and simple. Bad form, Daily Tech - not that I'm surprised though since 95% of the "news" on this site is similar hack drivel.

By HinderedHindsight on 7/15/2009 10:08:03 PM , Rating: 2
I disagree. Who is doing the theft is extremely relevant. Ask any forensics analyst about the subject, they'll tell you that any details surrounding who the person is that's committing the theft often help to catch the culprit.

Beyond that, who the culprit is might also provide insight as to how to prevent this type of theft in the future.

Journalism isn't always about just reporting what happened, but exposing the why. It is through the why that we might find solutions to problems before they occur.

By Shadrack2 on 7/16/2009 9:34:40 AM , Rating: 2
Both of you have valid points, although I would tend to think someone in Sales or Management would have a far better idea of what to actually do with stolen data than temporary IT staff.

Also, this should hint at the quality of the source material for the article:

"Cisco spoke with one botmaster who said he knows someone able to make $5-10K weekly simply by phishing bank accounts from unsuspecting people."

I don't think Judge Judy would allow that as evidence.

By HrilL on 7/15/2009 7:13:30 PM , Rating: 2
Cisco's income has gone down quite a bit since the recession started. This works for them in two ways. Managers see this and think look Cisco knows about security and IT people see it and think hey Cisco's trying to keep our jobs in country so they end up buying Cisco parts because they want companies to promote keeping IT jobs in country and want good pay.

I've been laid off. Never have I even thought of stealing from my ex employer. I've even still got admin access to their domain and know all the local admin passwords as well. I could get in remotely and steal it all. Of course I may get that job back when they've got the money again. Plus without IT staff changing and managing all that stuff by someone else that knows nothing about it doesn't work out too well.

Simple fact is moral values are dear to me. I don't steal, and I'd rather starve than steal in such a way. I couldn't even be a phone salesman because it was too close to stealing from the people: read script fast and rebuttals that trick them into getting something they don't need or want.

Good work Cisco at getting cash strapped companies to buy your products!

Wake up call to Small Business Owners
By Shig on 7/15/2009 6:32:15 PM , Rating: 1
The large corporations who have been running data farms for a while now know how important it is to protect your files, etc.

Small business owners need the wake up call. You can't even conduct business anymore without an IT structure. With most of them looking to their ISPs for help when something goes wrong. Rofl @ ISPs helping you is all I have to say.
