FBI investigation on Shionogi security incident reveals the involvement of a former employee

Lord Tennyson’s immortal words “Men may come and men may go, But I go on for ever” hold good universally. For IT enterprises, where the attrition rate is very high, these words have even more relevance. A steady stream of personnel comes in and another stream keeps going out.

When people leave the organization, does your enterprise have an effective ‘deprovisioning’ process in place to ensure that the former colleague will not continue to access the corporate network?

This question may sound trivial because, as the saying goes, ‘out of sight, out of mind’: most employees leaving an organization will not care to access the network of their old workplace. But numerous security incidents across the globe prove that a handful of disgruntled workers and persons with malicious intent do try to wreak havoc on the business of their former employers.

The FBI has recently published the outcome of an investigation into a cyber-crime in which a 37-year-old techie gained unauthorized access to the network of his former employer, a New Jersey pharmaceutical company, deleted portions of its computer network, and virtually crippled the operations of the organization for days together. It was a kind of revenge he was taking on his former employer!

Jason Cornish, 37, was an information technology employee at Shionogi, Inc., a United States subsidiary of a Japanese pharmaceutical company with operations in New Jersey and Georgia.

During September 2010, shortly after Cornish had resigned from Shionogi, the company announced layoffs that affected Cornish’s close friend. Annoyed, Cornish decided to take revenge.

Cornish gained unauthorized access to Shionogi’s network from a public wi-fi network using administrative passwords to which he had access as an employee.

FBI investigation states:

“Once he accessed the server, Cornish took control of a piece of software that he had secretly installed on the server several weeks earlier.

Cornish then used the secretly installed software program to delete the contents of each of 15 “virtual hosts” on Shionogi’s computer network. These 15 virtual hosts (subdivisions on a computer designed to make it function like several computers) housed the equivalent of 88 different computer servers. Cornish used his familiarity with Shionogi’s network to identify each of these virtual hosts by name or by its corresponding Internet Protocol address.

The deleted servers housed most of Shionogi’s American computer infrastructure, including the company’s e-mail and Blackberry servers, its order tracking system, and its financial management software. The attack effectively froze Shionogi’s operations for a number of days, leaving company employees unable to ship product, cut checks, or communicate by e-mail. Shionogi sustained at least $300,000 in losses responding to the attack, conducting damage assessments, and restoring the company’s network to its prior condition.” (Full Report …)

The FBI’s investigation revealed that the attack originated from a computer connected to the wireless network of a Smyrna McDonald’s where Cornish had used his credit card to make a purchase minutes before the attack. Later, he was arrested and federally charged.

This security incident is a classic example of the kind of insider threat IT enterprises are prone to. A single disgruntled employee leaving the organization can wreak havoc on the very business if user deprovisioning is not handled properly.

This requires a careful review of the access permissions granted to an employee when he leaves the organization. The access has to be terminated and administrative passwords must be reset. Administrative passwords also have to be reset at frequent intervals.

But carrying out this task manually is cumbersome, time-consuming and error-prone. Automating the entire life-cycle of privileged password management is the key.
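As an added illustration (not Password Manager Pro code and not taken from the FBI report), the deprovisioning review described above can be expressed as a small audit that flags accounts still enabled for departed staff and shared administrative passwords not reset since someone who knew them left. All names, systems, dates and the 90-day policy below are constructed assumptions.

```python
from datetime import date

# Constructed sample data: every name, system and date below is hypothetical.
DEPARTURES = {"jdoe": date(2024, 9, 2)}  # user -> last working day
ACCOUNTS = [  # personal accounts, e.g. from a directory or VPN export
    {"user": "jdoe", "system": "vpn", "enabled": True},
    {"user": "jdoe", "system": "directory", "enabled": False},
    {"user": "asmith", "system": "vpn", "enabled": True},
]
SHARED_SECRETS = [  # shared administrative passwords and who has known them
    {"name": "hypervisor-admin", "known_by": {"jdoe", "asmith"},
     "last_rotated": date(2024, 6, 15)},
    {"name": "mail-root", "known_by": {"jdoe"},
     "last_rotated": date(2024, 9, 3)},
    {"name": "erp-dba", "known_by": {"asmith"},
     "last_rotated": date(2023, 1, 10)},
]
MAX_AGE_DAYS = 90  # assumed policy for "reset at frequent intervals"


def audit(departures, accounts, secrets, today, max_age_days=MAX_AGE_DAYS):
    """Return (finding, target, detail) tuples for deprovisioning gaps."""
    findings = []
    for acct in accounts:
        # Access that should have been terminated at departure.
        if acct["enabled"] and acct["user"] in departures:
            findings.append(("ACCOUNT_STILL_ENABLED", acct["system"], acct["user"]))
    for secret in secrets:
        leavers = sorted(u for u in secret["known_by"] if u in departures)
        last_exit = max((departures[u] for u in leavers), default=None)
        if last_exit is not None and secret["last_rotated"] <= last_exit:
            # A former employee still knows the current password.
            findings.append(("NOT_ROTATED_SINCE_DEPARTURE", secret["name"],
                             ",".join(leavers)))
        elif (today - secret["last_rotated"]).days > max_age_days:
            findings.append(("ROTATION_OVERDUE", secret["name"],
                             f"last rotated {secret['last_rotated']}"))
    return findings


if __name__ == "__main__":
    for finding in audit(DEPARTURES, ACCOUNTS, SHARED_SECRETS, date(2024, 10, 1)):
        print(*finding, sep="\t")
```

A password reset on the leaver's last working day is still flagged, since it could have been learned that day.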

With an automated solution like Password Manager Pro, you can grant and terminate access to privileged passwords at any time, on a need basis. When an administrator leaves the organization, you can terminate access in minutes and also automatically reset the passwords, thereby avoiding these kinds of security incidents.

A secure vault for storing and managing shared administrative passwords and digital identities, Password Manager Pro helps eliminate password fatigue and security lapses, achieve preventive and detective security controls, meet security audits and improve IT productivity.

With insider threats looming large, taking preventive action is the need of the hour. Use Password Manager Pro and Stay Secure! 

Bala
ManageEngine Password Manager Pro
