Anyone who dismisses someone who knows their company’s network inside and out should put their security to the test. The following criminal case from the USA could serve as a cautionary tale.
How did he manage that? According to a statement from the US judicial authorities, a former employee of a not publicly named industrial company is said to have taken control of the system through Internet access. The man previously worked as an engineer for the hardware and software infrastructure on-site.
He is accused of changing passwords, thereby locking out the administrators. He also allegedly deleted important servers and backups. Afterward, he wrote a fateful email.
The accused has not yet been convicted, so the presumption of innocence applies.
Failed Extortion
What was in the email? On November 23, 2023, he wrote a demand to senior representatives of the company, threatening to cause further damage if his demands were not met; a classic extortion with an IT system as a hostage.
If approximately 680,000 euros in ransom were not paid, he would destroy further servers or backups every day.
Was he caught? Yes, we do not know exactly how much damage he ultimately caused, but by the end of August 2024, he found himself in handcuffs. The US citizen was brought before the court and released again. He is now awaiting his trial. According to authorities, they were able to trace the email address used for the extortion back to him.
What exactly is he charged with?
- Extortion with a corresponding threat to damage a protected computer
- Damage to a protected computer
- Electronic crime
A particular kind of danger has emerged from an employee of a US security company. For behind the seemingly qualified and dedicated young software engineer hid a spy from a country considered hostile by the USA. He skillfully infiltrated, but his impatience led to his downfall. The new colleague is a cybercriminal from North Korea: US computer security company avoids attack
