An interesting post at Naked Security reminds us that internal threats can be just as bad as hackers infiltrating our networks. The FBI is warning businesses that disgruntled employees are using electronic tools to get back at their employers. Specifically, it identifies the Dropbox cloud storage service as a method to steal trade secrets or proprietary software. We have to agree with that since we see it many times in our digital forensic cases. In addition, unauthorized remote access tools such as RDP (Remote Desktop Protocol) provide terminated employees with a “back door” into the company network. Employees will also connect a wireless router to the company network so that they can connect while sitting in the parking lot.
The cost of malicious insider cyber-sabotage acts tends to run from $5,000 to $3 million. That should get your attention. This is yet another reason to scan your computing infrastructure for unauthorized equipment or software. Dropbox in particular can “lift” a bunch of data from your network without your knowledge. Besides using technology to try to stop what the disgruntled employee is doing, make sure you have policies in place (computer use policy, electronic communication policy, authorized equipment policy, etc.) and have each employee sign them. If the disgruntled employee is terminated, make sure they also sign a statement that they have no company data in their possession and that they acknowledge that future access to the company network is a crime.