British IT worker jailed for revenge attack on employer that caused a “ripple effect of disruption” for colleagues and customers
Mohammed Umar Taj accessed the company's network, changing user access credentials and causing huge disruption
A disgruntled IT worker has been jailed after costing his employer £200,000 - and its good reputation - by exploiting his privileged network access.
West Yorkshire man Mohammed Umar Taj was suspended from his job in Huddersfield in July 2022, and began taking revenge within hours.
According to West Yorkshire Police, he went back to the company’s premises and accessed its computer systems, altering login credentials to disrupt the firm’s day to day activities.
A day later, he went further, changing access credentials and the company’s multi-factor authentication (MFA) - causing big problems for the firm’s clients both in the UK and overseas in Germany and Bahrain.
However, Taj wasn’t exactly covert, having kept recordings of his activities and discussing the attack on the phone. These calls and recordings were later accessed by West Yorkshire Police’s cyber team and played a vital role in the case.
He has now been sentenced to seven months and 14 days in custody for committing unauthorized acts with intent to impair the operation of or hindering access to a computer.
“Taj set out to get revenge on his employer following his suspension from work. He did so by targeting their IT system, which he had privileged access to. By doing this he created a ripple effect of disruption far beyond the shores of the UK," said detective sergeant Lindsey Brants of West Yorkshire Police’s Cyber Crime Team.
“Protecting your network prevents data loss and costly cyber attacks. It also maintains trust with clients and stakeholders. We urge all businesses to look at their network security.”
Why you should always be wary of insider threats
According to a recent survey of more than 400 IT and cybersecurity professionals by Gurucul, 48% experienced a rise in insider attacks in the previous 12 months, with 51% having six or more attacks in that time.
When it came to the cost of remediation, 32% said it was between $100,000 and $500,000 while 27% put it at anywhere between $500,000 and $1 million.
Companies are starting to take the risk seriously, however. Alternative research from DTEX Systems found that organizations are spending 16.5% of their annual IT security budget on insider risk management – up from 8.2% in 2023.
More than eight-in-ten now have - or are planning to introduce - an insider risk management program. Of those that do, 65% said their program was the only security strategy that enabled them to pre-empt a data breach by detecting insider risk early.
"Insider-driven security incidents result in significant financial and reputational costs," said DTEX Systems CEO Marshall Heilman.
"However, organizations investing in dedicated insider risk management programs are achieving faster containment or preventing incidents entirely — a decisive win in the fight against data loss."
MORE FROM ITPRO
-
Why MSPs need data-driven strategies in 2026Industry Insights Data-driven MSPs can make smarter business decisions and, ultimately, deliver a better service
-
Rethinking fraud prevention: From identity checks to identity signal integritySponsored With new techniques being used by criminals, fraud detection has to move with the times to ensure security
-
German authorities want your help finding the hackers behind GandCrab and REvilNews Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes
-
Interpol teams up with tech firms to seize 45,000 malicious IPs, servers in global cyber crime crackdownNews Operation Synergia III saw 94 arrests - and counting - with malicious IP addresses used in phishing and fraud schemes seized
-
The rise of teen hackers ‘makes for a good headline’, but cyber crime activities peak later in life
News With family responsibilities and mortgages to pay, it's not teenagers dishing out malware or carrying out cyber extortion
-
Cloudflare warns state-backed hackers are ‘weaponizing legitimate enterprise ecosystems’ as ‘living off the land’ attacks surge
News Chinese, North Korean, and Russian-backed threat groups now favor longer-term compromises over brute force attacks
-
DIY hackers are turning to ‘flat-pack’ malware components to speed up attacks and cut costsNews While these malware campaigns are very basic, researchers noted “they still work”
-
Security expert warns Salt Typhoon is becoming 'more dangerous' after Norwegian authorities lift lid on critical infrastructure hacking campaignNews The Chinese state-backed hacking group has waged successful espionage campaigns against an array of organizations across Norway.
-
The FBI has seized the RAMP hacking forum, but will the takedown stick? History tells us otherwiseNews Billing itself as the “only place ransomware allowed", RAMP catered mainly for Russian-speaking cyber criminals
-
Microsoft just took down notorious cyber crime marketplace RedVDS – and found hackers were using ChatGPT and its own Copilot tool to wage attacksNews Microsoft worked closely with law enforcement to take down the notorious RedVDS cyber crime service – and found tools like ChatGPT and its own Copilot were being used by hackers.
