|
Corporations lose millions every year to data theft. Increasingly,
say experts, it's not hackers but company insiders who are the culprits.
We look at this growing trend.
There was a time when vindictive former employees sought revenge by
pilfering some office supplies or spreading a juicy rumour about the boss.
But in today's computerized offices, angry workers and disgruntled employees
can access computer systems and destroy data, potentially causing millions
of dollars in damage. This week on "CyberCrime" we take a look at the
rising
number of corporate sabotage incidents attributed to former employees, and
what companies are doing to stop them.
We interview Richard Hunter, an analyst with Gartner, who says that while
cyber sabotage is rampant and rising, companies are usually too embarrassed
to report cases. A recent FBI survey of anonymous companies showed 85
percent had a computer intrusion in the last year. Of these intrusions, 30
percent were from outside hackers, while 70 percent came from people
associated with the company.
Despite the wall of silence, we managed to dig up some notable cases of
employee sabotage. Below you'll find five examples of disgruntled employees
who wreaked havoc on corporate computer systems and ended up in jail.
Crashing Forbes
A Forbes computer technician deliberately caused five of the
publisher's eight network servers to crash as retribution for his
termination from a temporary position. All the information on the affected
servers was erased, and no data could be restored. As a result of this one
act of sabotage, Forbes was forced to shut down its New York operations
for two days and sustained losses in excess of $100,000.
Email overload
Lockheed Martin's email system crashed for six hours after an employee
sent 60,000 co-workers a personal email message complete with a request
for an electronic receipt. The defense contractor, which posts 40 million
emails a month, was forced to fly in a Microsoft rescue squad to repair
the damage caused by the employee.
Data destruction at Verizon
A 32-year-old Florida man pleaded guilty to a charge of intentionally
damaging protected computers at a network support center owned by Verizon
Communications. Verizon said that at 3 a.m. on a weekday the employee
began to erase data contained in the computers and entered a command that
prevented anyone from stopping the destruction process. His actions
resulted in more than $200,000 in damage. He now faces up to 10 years in
prison and a $250,000 fine.
Server sabotage
A Hewlett-Packard employee sabotaged important tests on one of HP's new
computer servers, giving it lower performance results that cost millions
of dollars in resources and lost sales, according to a lawsuit filed by
HP. Just before he was fired, the employee reformatted important computer
disks, cut cables to the test computer, and altered logs to try to hide
his acts. HP says it spent more than $1 million trying to fix the
problems. HP also alleges that the employee copied email records, accessed
private computer systems, and transferred confidential information outside
the company. HP is asking that the ex-employee be forced to pay
unspecified damages.
Omega's $10 million software bomb
Omega Engineering suffered losses of $10 million when a terminated
network manager detonated a software time bomb he had previously planted
in the network he helped create. The bomb paralyzed Omega, a manufacturer
of high tech measurement and control devices used by the Navy and NASA.
The malicious software code destroyed the programs that ran the company's
manufacturing machines. One fateful morning, a worker at Omega's
manufacturing plant booted up the central file server that housed more
than 1,000 programs and the specifications for molds and templates.
Immediately after the bootup, the server crashed, erasing and purging all
the programs on it. The incident led to 80 layoffs, and the company says
it caused the departure of several of its clients. | 
