Recession Turns IT Workers Into Hackers

Robert Siciliano Identity Theft Expert

What a nasty headline for an article.

From ABCnews.com the journalist roasts IT professionals on a spit. And the comments were all inspiring.

As the recession rears its ugly head, disgruntled ex employees are in the best position to drop a bomb in the companies network or suck all the data out with a few terabyte drives.

A recent study by McAfee and Purdue University put the tally of fraud, data loss and damage done at 1 trillion dollars. A thousand billion sounds like a lot of money.

To paraphrase some of the comments;

No matter how you look at it, when heads start to roll, most people that are about to be let go feel unjust and express hostility towards the employer (often, rightly so). These are the same people who were loyal company employees for years. Unfortunately, these are no win-win situations when it comes to the downsizing and companies should take proper actions to address it.

Your system admin is the gate keeper. Anyone who has access to sensitive data can potentially abuse the privilege. The loan officer, the loan processor, the secretary, the human resources gal two cubes down the hall, the cleaning people that take out our trash at night… Without proper controls in place anybody can be the bad guy. On the other hand, with adequate management these issues can be avoided, even when it comes to IT employees.

Manage your end points, your USB devices, your computer ports, your printers… Segregate your system administration roles. Tools are there. And who is going to implement them? Your IT guy. (thank you Sashimi11)

With the incredible amount of layoffs occurring, companies are bound to layoff an employee who will exact some revenge. Some say “Companies whose knee-jerk response is to cut costs by canning employees deserve some wrath”. But, in the end, the wrath doesn’t get you your job back. (thank you Patches777)

Most are working individuals, doing what they do best. All the while staying under the radar, and afraid, just like everyone else, of the threat of layoffs. The latter doesn’t mean an internal flip is switched and they bug out and start stealing trade secrets. (thank you kyleratliff)

On another note, as budgets are cut and IT pros are let go, the show must go on.

Bill Lynch of RazorThreat said to me “We are encountering lots of very frustrated CIO’s who are caught on the horns of a dilemma…their IT budgets and headcount are being slashed but their CEO’s are simultaneously demanding that they reassure them and the Board of Directors that they are not vulnerable to the same kinds of cyber attacks that have plagued some big firms lately.

They know they cannot afford to buy complex, expensive and difficult to deploy new security software and the people to manage them and yet they have to stand before the Board and profess that their networks are secure”.

The fact is, data breaches will continue and IT will often be to blame. There is a light at the end of the tunnel. There are numerous technologies that won’t break the bank and will keep the BOD happy. Companies have to consider numerous threats of theft and mayhem. Review security policies and who has access to what and why. In the end make sure employees are let go with dignity and respect.

Robert Siciliano Identity Theft Speaker discussing Credit Card Fraud Here

Tags: identity, speaker, theft

Comment

You need to be a member of Reviews, News, and How To Geeks to add comments!

Join this Ning Network

Comment by Jacob Tidwell on March 12, 2009 at 7:23pm: I can see why the companies would be concerned, thought not all hackers are bad, many can turn to ethnical hacking, but some turn to criminal hacking or become crackers, i am a networking manger my self plus a student and I have noticed are IT budget is cut very bad, such as now we are struggling to buy ink for the printers, thought there are many hackers that have a set code of conduct, such as I do security testing, I could hack the computer systems but I don’t, people need to remember that in this economy there will be less and less jobs, so some people think to crack a bank account would be better than working is there choice, I do not thank them or think they have a reason them, I think it is wrong, but the term hacker is put down to much and is used to negatively, hackers are used every day for help IT systems, and it PO me when people say there is a hacker in my system, I am like no that is cracker,
the term cracker, to destroy something, to CRACK the code, now the system i like better thought to label hackers would be the hat system, white hat, for ethnical hacking, black hat for criminal hacking, blue hat, gray hat for kind of a mix type person, blue for somebody that known cracking but dose not use it etc, there are so many different labels, but I think the term hacker is abused, not all hackers are bad, most are it people and help out different companies, so really I think your right the economy will turn the IT techs in to hackers, but not all bad.

Comment by Phoobar on March 12, 2009 at 11:50am: Totally agree that getting revenge against a company will get you nothing but heartbreak...a criminal record and ruin you if this economic upheaval becomes better.

On the other hand...you will find the many dishonest companies/employees will use pirated or illegal software. With this being the case...you can always contact the Business Software Alliance. Not only will you earn a reward if they find pirated software...but you will have a clean conscience.