Officials in San Francisco last summer found out just how easy it can be for one person to hold the city, or at least critical parts of its IT network, hostage for several days. In July, a disgruntled network administrator for the city locked up a multimillion-dollar municipal computer system that handles sensitive data. The employee, Terry Childs, refused to give up the password to the FiberWAN system, which he had helped design. Childs eventually gave the password to San Francisco mayor Gavin Newsom, but not before a lockout that lasted almost two weeks and cost the city close thousands of dollars to fix.
The lockout was one of several incidents featuring bad acts by company employees, both current and former, that made headlines in 2008. […]
Money was the motivator in the 2008 case that involved mortgage lender Countrywide. In July, the company alleged one of its employees stole personal information about customers and sold it for financial gain. Rene Rebollo was arrested by FBI officials who accused him of stealing information about Countrywide customers throughout the country over a two-year period. A second person, Wahid Siddiqi, was also arrested for allegedly buying the stolen data and also selling it. […]
[Security expert Matthew Doherty] recommends companies also make sure they have a reporting procedure in place to make it easy and anonymous for employees to report suspicious behavior.
“In many insider threat cases, there was concern on the part of coworkers prior to an attack being carried out but there was no reporting mechanism. Companies need to have a system where reports can be handled anonymously and appropriately.”