Revenge on company networks in recent months appears to show a direct correlation between IT staff layoffs and internal security breaches.
IT companies are the main target of attacks in the U.S. with the Federal Bureau of Investigations (FBI) issuing a formal warning of a sharp, upward trend in security breaches from disgruntled ex-employees. The FBI said on its Web site that referrals to the agency are rising and Glenn Miller, managing director of Sydney-based security software firm Janteknology, said the threat is mirrored in Australia.
Miller said security threats within organizations are a high priority, but there is a low level of awareness among IT managers in Australia.
“This is particularly true with IT staff, such as systems administrators, because they have both the ability and the opportunity to cause serious damage,” he said. Access to one PC is not a real risk, Miller said, but IT staff can access an entire network. Multiplying the possible impact is the fact that Australian companies often don’t change passwords for access to servers and routers for weeks after an employee has been laid off.
“The lack of awareness is disturbing and perplexing with many companies reacting only after a breach; companies should have a layoff checklist,” he said.
Scholastic Australia IT manager Andrew Ogbourne agrees internal threats are a serious concern that can be countered only by strict procedures to manage passwords.
“This should apply regularly anyway, but particularly when someone leaves the organization; all user accounts need to be identified so they can be changed immediately,” Ogbourne said. “I agree that many Australian companies aren’t particularly careful in this respect, but we have fairly comprehensive procedures in place and haven’t experienced this type of breach.”
The FBI could not reveal exact numbers but noted that since the last downturn in the early 1990s the work force is more skilled and employees have greater access to company networks.