Attacked from the inside

By Derek Sooman on May 17, 2005, 12:28 PM
Have you ever hated your working environment? Or wanted to get back at your boss? I have certainly encountered several working environments and several bosses that I would not spit on if they were on fire. Computers and IT are wonderful things to work with; it's such a pity that human beings get in the way, with their petty grudges and selfish behaviour, inadequate management and unfair favouritism.

Apparently, an increasingly popular method of revenge against a poorly perceived working environment or a hated manager in the IT world is for a disgruntled worker to hack the network from the inside. If you think about it, it makes a lot of sense. Security defences are more often than not tailored to expect an attack from the outside, completely overlooking the potential for damage from the inside, which may be many times more deadly. Employees who are trusted with restricted access to important company systems or data are in the perfect position to destroy important files, or to steal and publish client information, and so forth. If you, as an employer, are not concerned about this, then you need your head examined.

A study by the Department of Homeland Security has revealed that out of dozens of computer sabotage cases in the last six years, much damage was done by trusted insiders who decided to turn to sabotage to get revenge.

Hacks could come from staff who were angry over disciplinary actions, missed promotions or layoffs.

According to Cnet.com, which published the report, favourite attacks included deleting data, or sticking pr0n on the boss's computer.

An unidentified employer told researchers that he thought something was up with one bloke who turned saboteur, but attributed the behaviour to the worker being a "weird tech guy." With a boss with that sort of attitude, it makes you wonder why the employee felt the need to shut down the company's communications for two days.




User Comments: 3

Phantasm66 said:
Here's a story that happened to a friend of mine. This friend, let's call him Fantomm, was working for a public sector establishment. They treated Fantomm poorly, promoting others over him without good cause, denying him promotion, and ignoring his (and his workmate's) honest protestations about the poor quality of the working environment they were in. This friend of mine, before leaving this job, set up a Windows XP workstation that had two network interfaces, one on the internal network (along with everyone else who worked there's PCs) and another network card that was connected to a public network, which was internet facing and had far less firewalling restrictions. Fantomm then edited the registry of the XP machine, so that the remote desktop service was running on port 80, rather than the default port, which Fantomm knew would be accessible from the outside, because port 80 was open on the firewall. Fantomm then created a domain admin account that looked like it had been created during the installation of SQL Server or something similar, so that when the Administrator password for the domain was changed when Fantomm left, he would still be able to have access to an admin account. Fantomm then was able to make a remote desktop connection to the XP machine from his home, and was able to remotely administer Active Directory and all the other network services from home. And he used this to terrorise the people who had wronged him, for a very long time, until he was sure that they had been punished enough. [Edited by Phantasm66 on 2005-05-17 14:54:13]
driverjosh said:
Very nice. Yeah, most people/organizations do not expect attacks from within, and it's amazing the rate at which users or support techs cash in on such exploits. Many of us on these boards probably have these privileged passwords for our company. It really amazes me every day that I go to work or I hear from one of my friends in security at other IT departments that they have some users who have privileged accounts and just walk away from their workstations without locking them. Amazing, you'd think more people would lose their jobs over something like this? Who knows though, there is probably a reason they don't.
shnig said:
The best one I have heard is a guy who shall remain nameless made a logic bomb that will be triggered when his name gets taken off the payroll. lol