Friday, October 28, 2022

Fired Staffer Hacks New York Post Website


When a New York Post employee on Thursday hijacked the company’s website and Twitter Inc. account to post death threats, as well as racist and misogynistic headlines, it was just the latest example of a company insider abusing their access for their own gain.

Bloomberg reports The Post fired the unnamed employee after headlines on the news site included offensive headlines, including calling for the assassination of some US leaders

For all the attention on foreign hackers, rogue employees constitute a major threat to organizations.

“The New York Post hack is just the tip of the iceberg,” Howard Ting, chief executive of cybersecurity company Cyberhaven Inc. said in an interview. “We read all the time about external hacking threats, but I think of them as the big pipe that bursts in your neighborhood and causes a flood. The internal threats are the faucets leaking in your neighbor’s home, the hidden problem that is dripping away over time.”

 
A company with 1,000 employees experiences an average of 45 “data exfiltration incidents” each month, a rate that increased to 2,254 per month for a company with 50,000 workers, according to a study by Cyberhaven. Such incidents include staffers sending work from a corporate account to a personal email address, accessing sensitive project files or gathering client data. Client data comprises 44.6% of the sensitive information employees exfiltrate, Cyberhaven said.

“Most of the time these companies don’t even know,” Ting said.

In August a product manager at the cryptocurrency company Coinbase Inc. named Ishan Wahi was charged in the first-ever crypto insider trading case in August. Wahi, who pleaded guilty, shared details of new coins that Coinbase planned adding to add its exchange with his brother and friend so they could buy them in advance in anticipation of rising prices. The Securities and Exchange Commission said Wahi made a profit of more than $1.1 million by passing on the confidential information.

History has shown that internal threats can do more than just reputational damage, and can cost a company its valuable secrets.

No comments:

Post a Comment