Logging in from a Smyrna, Georgia, McDonald's restaurant, a former U.S. pharmaceutical company employee was able to wipe out most of the company's computer infrastructure earlier this year. The ex-worker, age 37, formerly an IT staffer at the U.S. subsidiary of Japanese drug-maker Shionogi, pleaded guilty August 16 to computer intrusion charges in connection with the February 3 attack. He wiped out 15 VMware host systems running e-mail, order tracking, financial, and other services for the Florham Park, New Jersey firm. The February 3 attack effectively froze Shionogi operations for a number of days, leaving company employees unable to ship product, to cut checks, or even to communicate via e-mail, the U.S. Department of Justice said in court filings. Total cost to Shionogi: $800,000. The man resigned from the company in July 2010 after getting into a dispute with management, but was kept on as a consultant for 2 more months. Then, in September 2010, the drugmaker laid off the man and other employees, but it not revoke all passwords to the network. Using a Shionogi account, the man was able to log into the network from a public McDonalds Internet connection, and fire up a vSphere VMware management console he had secretly installed on the network a few weeks earlier. Using vSphere, he deleted 88 company servers from the VMware host systems, one by one. He was charged in July. He faces a maximum of 10 years in prison when he is sentenced November 10.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 December

This month, Security magazine brings you the 2020 Guarding Report - a look at the ebbs and flows security officers and guarding companies have weathered in 2020, including protests, riots, the election, a pandemic and much more. Industry experts discuss access management and security challenges during COVID-19, GSOC complacency, the cybersecurity gap, end-of-year security career reflections and more!

View More Create Account

One Former Employee Can Bring Down a Company

Fired But Able to Access Files

Blog Topics

Security Blog

On the Track of OSAC

Recent Comments

Insufficient information

Thankyou so much for sharing such an informative...

I just wish my mechanical lock had a...

security

Security

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog