Wednesday, January 14

Bad Guy Scenario

Here's a perfect example of the insider "bad guy" threat scenario. An unhappy ex-employee came back in through an Internet-based system and put malicious code on the company's customers' servers. He installed the code on 1000 servers and crashed 25 out of the 1000. The company reports a cost of $49,000 to find and fix the problem. They also say it could have cost $4.25 million if all 1000 servers had crashed.

The Lessons:

  • Be diligent about monitoring – catching this early saved close to $4 Million
  • De-Provision (it's unclear whether the employee still had an account)
  • Include hosted and Internet systems in your de-provisioning process
  • Do security audits to find and fill holes
Although I don't think the "bad guy" scenario happens nearly as much as the "good guy" security breach scenario, it has the potential to get very expensive very quickly.

1 comment:

Rafal said...

@Matt - What most people don't realize is that this type of incident is going to exponentially (or logarithmically) increase as the economy gets worse and more layoffs come.

Unhappy employees are your #1 priority in a hostile economic environment like this one... people are let go all the time and they should be locked out of *everything* before they know they're out. Otherwise... your company could be "out"... of business.