A disgruntled IT worker has been jailed after costing his employer £200,000 - and its good reputation - by exploiting his privileged network access.
West Yorkshire man Mohammed Umar Taj was suspended from his job in Huddersfield in July 2022, and began taking revenge within hours.
According to West Yorkshire Police, he went back to the company’s premises and accessed its computer systems, altering login credentials to disrupt the firm’s day to day activities.
A day later, he went further, changing access credentials and the company’s multi-factor authentication (MFA) - causing big problems for the firm’s clients both in the UK and overseas in Germany and Bahrain.
However, Taj wasn’t exactly covert, having kept recordings of his activities and discussing the attack on the phone. These calls and recordings were later accessed by West Yorkshire Police’s cyber team and played a vital role in the case.
He has now been sentenced to seven months and 14 days in custody for committing unauthorized acts with intent to impair the operation of or hindering access to a computer.
“Taj set out to get revenge on his employer following his suspension from work. He did so by targeting their IT system, which he had privileged access to. By doing this he created a ripple effect of disruption far beyond the shores of the UK," said detective sergeant Lindsey Brants of West Yorkshire Police’s Cyber Crime Team.
“Protecting your network prevents data loss and costly cyber attacks. It also maintains trust with clients and stakeholders. We urge all businesses to look at their network security.”
Why you should always be wary of insider threats
According to a recent survey of more than 400 IT and cybersecurity professionals by Gurucul, 48% experienced a rise in insider attacks in the previous 12 months, with 51% having six or more attacks in that time.
When it came to the cost of remediation, 32% said it was between $100,000 and $500,000 while 27% put it at anywhere between $500,000 and $1 million.
Companies are starting to take the risk seriously, however. Alternative research from DTEX Systems found that organizations are spending 16.5% of their annual IT security budget on insider risk management – up from 8.2% in 2023.
More than eight-in-ten now have - or are planning to introduce - an insider risk management program. Of those that do, 65% said their program was the only security strategy that enabled them to pre-empt a data breach by detecting insider risk early.
"Insider-driven security incidents result in significant financial and reputational costs," said DTEX Systems CEO Marshall Heilman.
"However, organizations investing in dedicated insider risk management programs are achieving faster containment or preventing incidents entirely — a decisive win in the fight against data loss."
MORE FROM ITPRO
-
Organizations around the world are unprepared for the threat from bad bots – and UK businesses are some of the worst performersNews As AI-driven bot traffic booms, legacy defenses are failing fast
-
Work is work, not a ‘vibe' – no matter what Microsoft saysOpinion The name for Microsoft’s new Office Agents sounds like a forgettable attempt to be cool
-
‘Channel their curiosity into something meaningful’: Cyber expert warns an uptick of youth hackers should be a ‘wake-up call’ after teens charged over TfL attackNews Encouraging youths to engage in positive tech initiatives will guide them down the right path and away from nefarious activities
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
The Allianz Life data breach just took a huge turn for the worseNews Around 1.1 million Allianz Life customers are believed to have been impacted in a recent data breach, making up the vast majority of the insurer's North American customers.
-
Warning issued as new Pakistan-based malware group hits millions globallyNews Tempting people in with offers of pirated software, the network installs commodity infostealers, according to CloudSEK
-
Millions of customers have been exposed in the Qantas cyber attack – here’s everything we know so farNews While details remain murky, cyber experts told ITPro the Qantas incident bears all the hallmarks of the Scattered Spider ransomware group.
-
M&S aims for full online restoration within four weeks following major cyber attackNews M&S CEO Stuart Machin says the high street retailer plans to fully restore operations by August following a devastating cyber attack in April.
-
Financial impact of cyber attacks on UK retailers laid bare in new reportNews Analysis from the Cyber Monitoring Centre shows the recent cyber attacks on a host of UK retailers could cost up to £440 million.
-
A sneaky cyber espionage campaign is exploiting IoT devices and home office routers – here's what you need to knowNews Researchers at SecurityScorecard have issued a warning about a new China-linked threat campaign, dubbed 'LapDogs', targeting IoT devices and home routers.
