04:56 PM

Secret Service: Inside Attacks Generally Launched By Problem Employees

The key indicator is a repeat "problem child" who continually argues with fellow employees, complains about salary or benefits, or is otherwise aggressive or hostile.

Brian Robak, a network security analyst at National Cooperative Bank, used to manage the company's help desk workers back when he was the LAN manager. Being a manager is never an easy chore, but there was one employee who generally made his job a nightmare.

Robak says he was reluctant to take the management position in the first place because of this one woman who was hired to lead the help desk. Far from being a leader, she was the epitome of the problem employee. She had a bad attitude, he says, and apparently felt no qualms about displaying it. Assigned the task of being a liaison with the users at the bank, Robak frequently had to deal with complaints that she would end a conversation with a user by cursing about them and slamming the phone down. The cursing part came while the user was still on the line.

Robak says the problems started about six months into her tenure at National Cooperative and she continued to work there for about another three years.

"She was a beast," he says. "And she was even worse to other technical people when she'd have to talk to them on the phone." Robak says she got into a screaming match with him over summer hours, loudly informing him that he wasn't the boss of her. The help desk manager's own boss had to come running to deal with the situation.

This behavior didn't get her fired, however. The bank had a policy of working with employees and trying really hard to iron out bad situations. They offered her free conflict-management counseling.

Ultimately, she was caught giving her friends in the bank higher levels of access than they were supposed to have. A domain administrator, the woman had full access to all of the bank's workstations and servers. She changed access rights for her pals, allowing them to bypass the Web proxy used to restrict access to objectionable Web sites. Ignoring company security policies, she even allowed her friends to download prohibited software, potentially opening the network up to virus and hacker attack.

The woman eventually left to take another job. "As her manager, I was genuinely concerned that she was putting our network in danger," says Robak, adding that late in her time at the bank he restricted her server access.

Robert Sica, special agent in charge at the U.S. Secret Service, would contend that the bank got off easy. It could have wound up going very badly, as it has in other situations, where a disgruntled insider has caused major systems or network damage.

1 of 3
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of July 24, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.