Inside hackers seen as $40bn threat for US employers

Updated September 28, 2014


— File Photo Reuters

WASHINGTON: Fired from a job as a technology contractor for a Toyota factory in Kentucky, Ibrahimshah Shahulhameed went home, logged into the company’s computer network and attacked it with programming commands.

It took the automaker months to fix the damage and landed Shahulhameed in prison. He is appealing the conviction.

While attention has been drawn recently to outsiders suspected of attacking companies such as Home Depot and JPMorgan Chase & Co., Shahulhameed’s case illustrates the growing threat from within.

US companies and organisations suffered $40 billion in losses from unauthorised use of computers by employees last year, according to SpectorSoft Corp. based in Vero Beach, Florida, which develops software that companies can use to monitor Internet activity of their workers.

“The most costly data breaches are usually those that are created by a malicious insider,” said Larry Ponemon, chairman of the Ponemon Institute, an information security research centre based in Traverse City, Michigan. “These people normally have access to things external hackers generally don’t have access to.”

The FBI this week issued a warning to companies about a rise in hacking by current and former employees. Insider threats, both intentional and accidental, were cited by more than 70pc of information security managers as their biggest concern in an April survey.

The workers often use cloud-storage services as well as personal e-mail accounts to transfer data, according to the Sept 23 public notice by the FBI and Homeland Security Department. Sometimes they remotely access computers, the warning said.

Companies have to balance giving employees access to information while monitoring for suspicious or abnormal behaviour, said Nimmy Reichenberg, vice president of marketing and strategy for Boston-based consulting company AlgoSec, which conducted the survey of IT managers.

“A lot of times it’s a matter of misconfiguration,” he said. “Should you be able to access your e-mail remotely? Absolutely. Should you be able to remote desktop into an e-mail service and get full control of an e-mail server? Probably not. That’s when bad things begin to happen.”

Jonathan Wolberg of Tucson, Arizona, sought revenge on his former employer, a cloud-computing company, according to prosecutors who didn’t name the employer. Wolberg was found to have secretly logged into the Virginia-based company’s networks following his resignation as a systems administrator in 2012 and shut down a server, according to the FBI.

The attack left hospitals responsible for surgery and urgent care without access to key information and cost hundreds of thousands of dollars to repair, according to the agency.

Wolberg pleaded guilty and was sentenced in April to 33 months in prison for intentionally causing damage to a protected computer, according to the FBI. He remains in prison, said his attorney, Jeff Zimmerman, a partner at the law firm Smith & Zimmerman in Alexandria, Virginia.

Shahulhameed “sabotaged various internal programs” and “improperly accessed proprietary trade secrets and information such as pricing information, quality testing data, and parts-testing data,” Toyota said in an August 2012 complaint filed in US District Court for the Eastern District of Kentucky.

He was convicted in February for intentionally damaging computers at the plant in Georgetown, Kentucky, after he was fired by a Toyota contractor, according to an FBI statement. He maintains his innocence and is appealing his conviction, said Derek Gordon, a partner with the law firm Anggelis & Gordon in Lexington, who filed the appeal. A spokesman for Toyota couldn’t be immediately reached for comment.

Employees who illegally access company networks can find themselves in violation of the 1986 Computer Fraud and Abuse Act. That’s what happened to Robert Steele of Alexandria, Virginia, who the FBI says used a secret administrative account to download proprietary documents from a government contractor where he previously worked.

Steele illegally sifted through thousands of documents belonging to his former company while working for another contractor that competed for government work, according to the FBI.

By arrangement with Washington Post-Bloomberg News Service

Published in Dawn, September 28th, 2014