Secret Service: Inside Attacks Generally Launched By Problem Employees
The key indicator is a repeat "problem child" who continually argues with fellow employees, complains about salary or benefits, or is otherwise aggressive or hostile.
Brian Robak, a network security analyst at National Cooperative Bank, used to manage the company's help desk workers back when he was the LAN manager. Being a manager is never an easy chore, but there was one employee who generally made his job a nightmare.
Robak says he was reluctant to take the management position in the first place because of this one woman who was hired to lead the help desk. Far from being a leader, she was the epitome of the problem employee. She had a bad attitude, he says, and apparently felt no qualms about displaying it. Assigned the task of being a liaison with the users at the bank, Robak frequently had to deal with complaints that she would end a conversation with a user by cursing about them and slamming the phone down. The cursing part came while the user was still on the line.
- How Attackers Identify and Exploit Software and Network Vulnerabilities
- Quick Tips for Managing Mobile Users
White PapersMore >>
- Strategy: 3 Steps to a Hands-Free Cloud
- Best Practices: Using Apple's Global Proxy to Boost Mobile Security
Robak says the problems started about six months into her tenure at National Cooperative and she continued to work there for about another three years.
"She was a beast," he says. "And she was even worse to other technical people when she'd have to talk to them on the phone." Robak says she got into a screaming match with him over summer hours, loudly informing him that he wasn't the boss of her. The help desk manager's own boss had to come running to deal with the situation.
This behavior didn't get her fired, however. The bank had a policy of working with employees and trying really hard to iron out bad situations. They offered her free conflict-management counseling.
Ultimately, she was caught giving her friends in the bank higher levels of access than they were supposed to have. A domain administrator, the woman had full access to all of the bank's workstations and servers. She changed access rights for her pals, allowing them to bypass the Web proxy used to restrict access to objectionable Web sites. Ignoring company security policies, she even allowed her friends to download prohibited software, potentially opening the network up to virus and hacker attack.
The woman eventually left to take another job. "As her manager, I was genuinely concerned that she was putting our network in danger," says Robak, adding that late in her time at the bank he restricted her server access.
Robert Sica, special agent in charge at the U.S. Secret Service, would contend that the bank got off easy. It could have wound up going very badly, as it has in other situations, where a disgruntled insider has caused major systems or network damage.