fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Insider threats in cybersecurity: When employees sabotage 

Insider threats in cybersecurity
Employees are considered the weakest link when it comes to the organisation’s cybersecurity. Provided that employees have access to the personal data that the organisation manages, employee sabotage is the biggest insider threat that must be addressed before it becomes a problem in the future.

Insider threats in cybersecurity: When employees sabotage 

Employees are the bloodline of each organisation. They are the ones who run the company and provide results based on their role or designation. For each designation, they have access to company resources such as a pool or personal data to do their work, although their access has some sort of level depending on their job description. 

Employees come and go. This is a normal scenario in the workplace. However, not all might have a simple exit in mind; some will most likely try to sabotage the company when it is least expected. This will now serve as an impending insider threat that no one will see coming, which is why it is important to acknowledge this before hiring the workforce.

We have seven ways to help you prevent employee sabotage in your company, but before we dwell on that, let’s first define insider threats and tackle some examples of how the disgruntled employee made employee sabotage. 

Insider threats, defined.

Insider threats provide a complex and dynamic risk to all critical infrastructure sectors’ public and private domains. Insider threat refers to the possibility that an insider (usually the disgruntled terminated employee) will utilise their allowed access or understanding of an organisation to do harm to that company. 

This harm can include purposeful, complacent, or inadvertent behaviors that jeopardise the organization’s integrity, confidentiality, and availability of its data, staff, or facilities. External stakeholders and DHS customers may find this generic definition more appropriate and adaptable for their organization’s purpose. 

Also Read: Guarding Against Common Types of Data Breaches in Singapore

Insider threats provide a complex and dynamic risk to all critical infrastructure sectors’ public and private domains.

We have here an example of employee sabotage after being laid off from the company. Having access to the company’s credentials, the employee disrupted the usual operations of the organisation.

A fired administrator compromises his former employer’s network by utilising outdated credentials. 

After being laid off, an I.T. system administrator disrupted the operations of his previous employer, a prominent financial firm in Hawaii, in the hopes of regaining his job. Casey K. Umetsu, 40, worked as a network administrator for the company between 2017 and 2019, when his contract was terminated. 

According to a news release from the U.S. Department of Justice, the defendant pled guilty yesterday to accessing his former employer’s website and making configuration changes to reroute web and email traffic to external machines. 

“After accessing the company’s configuration settings on that website using his former employer’s credentials, Umetsu made numerous changes, including purposefully misdirecting web and email traffic to computers unaffiliated with the company, thereby incapacitating the company’s web presence and email,” according to the U.S. Department of Justice. 

Umetsu took additional moves that effectively locked off the firm’s I.T. personnel from the website administrative panel, extending the business disruption for several more days. Umetsu acknowledged that his motivation for generating such havoc was to persuade his former employee to rehire him at a higher salary. 

“Umetsu criminally misused his employer’s privileged access credentials to disrupt its network operations for personal gain,” said U.S. Attorney Clare E. Connors. “Those who jeopardise the security of a computer network, whether government, company, or personal, will be investigated and penalised,” Connors added. 

After reporting the cybersecurity incident to the FBI, the victimised organisation eventually learned who was responsible for the sabotage. While Umetsu’s acts are reprehensible, the company’s security measures must be scrutinised because Umetsu utilised credentials that should have been invalidated the moment he was fired. 

Employees that are dissatisfied have a strong incentive to seek vengeance. They could sell access credentials on the dark web in addition to utilising them themselves. 

Employees come and go. This is a normal scenario in the workplace. However, not all might have a simple exit in mind; some will most likely try to sabotage the company when it is least expected.

We have a recently decided case from the PDPC that caused the organisation an SGD 12,000 penalty for a data breach due to an employee’s sabotage. 

Singapore: The PDPC reaffirms Terra Systems’ SGD 12,000 penalties for data security failure. 

On July 27, 2020, the Singapore Police Force informed the PDPC that a customer relationship management portal created by Terra Systems had been accessed and modified. 

The discovery of this unauthorised access was alarming, because the portal contains the personal data of persons served with “Stay-Home Notices” or SHN. It was found that crude remarks were found to have been inserted in the remarks field of cases in the Portal.

It turns out that the perpetrator is an unhappy ex-employee of the company. This ex-employee is believed to have obtained the daily common password by attending the morning Zoom briefing.

The perpetrator is believed to have directly obtained the daily common password from another employee who was unaware that his employment had been terminated. With this incident, the personal data of 125 individuals were exposed to the risk of unauthorised access.

For breaching the Protection Obligation under the PDPA, the Commission ordered Audio House to pay a financial penalty of S$10,000.

Tips for preventing employee sabotage in your firm 

1. Begin with your initial recruitment.

A thorough recruitment process can assist you in ensuring that you are hiring individuals that are a suitable fit for your company. Comprehensive reference checks, a dependable interview process, and personnel screening can all help to identify potential issues early on. 

2. Responsibility for actions.

Each employee must be aware of their own responsibility. Breaking down corporate objectives and showing how they relate on a team or employee level can help get everyone on the same page and working toward the same goal. 

3. On a need-to-know basis.

When it comes to information sharing, it’s important to assess who needs to know what and how much. Updating managers and employees are beneficial, but you must also protect yourself while dealing with sensitive material. 

4. Policies for protection.

Policies are an excellent approach to communicate your expectations to staff and can assist you in managing challenging personnel. Policies on social media use, behavior, and data protection can all aid in the prevention of employee sabotage. 

5. A feedback time and place.

Regular evaluations provide an opportunity to identify potential issues. You might utilise this time to solicit feedback and seek a resolution. If you need to refer back to past meetings, proper documentation is crucial. 

6. Don’t cut corners on security.

Change passcodes and revoke access when staff leave, or sooner if necessary. You should also safeguard your internet brand reputation. Monitor social media for brand mentions and answer any online complaints. 

7. Corporate culture.

An open and varied culture that encourages employee voice can keep you in touch with your workforce’s general well-being. If trouble is brewing, it may be time to get feedback or plan a team-building retreat. 

Contact your local H.R. Department today for guidance if you suspect employee sabotage or want to know how to best safeguard your business in the future.

Conclusion

Disgruntled employees seeking revenge after being fired are bad for your business. They serve as an insider threat that can be hard to contain especially if there is no protocol in place that is followed, especially for those employees that have greater access to the personal data that is handled and managed by the company. 

To help you minimise the possibility of such employee sabotage and protect your business, you can hire a Data Protection Officer if you still don’t have one. Aside from the fact that it is required under the PDPA to have DPOs, such officer helps organisations with their policies to ensure that they comply with data protection obligations. DPOs can also help set the standard operation procedures when it comes to leaving employees to prevent any possibilities of employee sabotage, like in the case of Terra Systems. 

Also Read: Vulnerability assessment Singapore: The complete checklist

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us