The Disgruntled Security Breach Strikes Again

We’ve said it before and we’ll say it again – disgruntled, former employees pose a major risk to your network. If you’ve been following the headlines this week, you know why we’re bringing this up again.

A former IT employee at Gucci was charged with remotely taking over the haute-couture company’s computers, shutting down servers, and deleting emails, the Wall Street Journal reported yesterday. According to the WSJ, here’s what’s happened:

Sam Chihlung Yun, 34 years old, allegedly created an account in the name of a fictional employee and used it to access the company’s network after he was fired in May 2010, prosecutors said. He allegedly caused more than $200,000 in diminished productivity, as well as remediation costs, prosecutors said.

Now Mr. Yun is being charged with a 50-count indictment for unauthorized use of a computer, unlawful duplication of computer-related material, among other charges. So, how did he do it? InformationWeek is reporting that Yun created a VPN token in the name of a fictional employee, then when he was fired he used this USB-based token to gain remote access. In the aftermath of Yun’s attack in November, Gucci staff were not able to access any documents, files, or materials saved anywhere on its network.

Frightening, right? So what can you do? Review your user log carefully and often – if you spot a red flag, investigate. Also, make sure all former employees are completely provisioned off the network and reset all the passwords and access rights following their departure.

Gucci was lucky enough to catch and prosecute its culprit — but the fashion giant would have been luckier if it had stopped the breach before it even happened.

Share on LinkedInShare on FacebookTweet about this on TwitterShare on Google+Pin on Pinterest

Trackbacks/Pingbacks

  1. NewsFerret Tech » Blog Archive » Op-ed: Live, VPN! Why VPNs are a must-have for today’s workforce - [...] Sony to Gucci, high-profile companies became victims of hacking with incredible frequency in 2011. Corporate [...]
  2. Op-ed: Live, VPN! Why VPNs are a must-have for today’s workforce | Greediocracy - [...] Sony to Gucci, high-profile companies became victims of hacking with incredible frequency in 2011. Corporate [...]
  3. Live, VPN! Why VPNs are a must-have for today’s workforce « VPN Haus - [...] From Sony to Gucci, high-profile companies became victims of hacking with incredible frequency in 2011. Corporate heists of this scale are typically…
  4. Op-ed: Live, VPN! Why VPNs are a must-have for today’s workforce | kandangKucing - [...] Sony to Gucci, high-profile companies became victims of hacking with incredible frequency in 2011. Corporate [...]
  5. Op-ed: Live, VPN! Why VPNs are a must-have for today’s workforce | Virtual Data Room - [...] Sony to Gucci, high-profile companies became victims of hacking with incredible frequency in 2011. Corporate [...]

Submit a Comment

Your email address will not be published. Required fields are marked *

Captcha: *