En
En
Products
SearchInform DLP
SearchInform Risk Monitor
SearchInform ProfileCenter
SearchInform FileAuditor
Data protection and classification
Access rights audit
User activity audit, investigation
Compliance
Use case: access control and change management
Use case: user behavior and insider detection
Use case: eDiscovery
Use case: file cleanup
SearchInform SIEM
TimeInformer
Cloud solutions
Third-party integration
Services
Services
SearchInform for MSSP
How to max out SearchInform services
Compliance
Saudi Arabian Monetary Authority
GDPR compliance with SearchInform
Personal Data Protection Bill
Resources
White Papers
Research
How to
Practices and use cases
Videos
Partners
Become a Partner
Partner login
Contact us
Products
SearchInform DLP
SearchInform Risk Monitor
SearchInform ProfileCenter
SearchInform FileAuditor
SearchInform SIEM
TimeInformer
Cloud solutions
Third-party integration
Services
Services
SearchInform for MSSP
How to max out SearchInform services
Compliance
Saudi Arabian Monetary Authority
GDPR compliance with SearchInform
Personal Data Protection Bill
Resources
White Papers
Research
How to
Practices and use cases
Videos
Partners
Become a Partner
Partner login
Contact Us
Book a return call
HomeBlogDismissed IT Employee Stops Production of Cowboy Boots in Texas
BACK TO BLOG LIST
Dismissed IT Employee Stops Production of Cowboy Boots in Texas
03.04.2017
The former technical support engineer of Lucchese Bootmaker, a well-known footwear manufacturer in the United States, admitted that he deliberately had thwarted work of the factory in September 2016. The attack on the company’s server occurred an hour after the IT engineer had been informed of his dismissal. He acted aggressively at the time of dismissal, and his colleagues had to make an effort to get him out of the building. Therefore, the company’s security department and the police immediately linked the incident with the dismissal. Information security experts found out that the fired engineer had used the previously created account, disguised as a printer, to gain remote access to the system. He disabled the mail server and server that was responsible for processing orders and production activities. He also deleted the system files, because of which the regular IT employees could not restart and restore the server. In addition, he blocked access to employees’ accounts by specifying new passwords. As a result of the incident, the production of cowboy boots stopped. Half a day employees could not make out and send out orders. The management was forced to send home 300 workers. It took several hours for contractors to restore the servers, and a few weeks to return to the normal production cycle. The losses of Lucchese Bootmaker reached 100 thousand dollars only because of problems in the shipping center, not counting the downtime and payment for the contractors’ services. The engineer who was furious because of his dismissal spent 45 minutes on the operation, but he forgot to carefully erase the traces of his presence on the corporate network. As a result of the investigation, it was possible to reconstruct the course of the incident, and more... It was also discovered that the suspect had had the database with the employees' records and just before the dismissal had sent a file from the corporate to the personal mailbox. The order of logins and passwords in the document corresponded to the order in which the employees accounts were blocked on the attack day. It also became clear that the fake account, with which the suspect remotely had administered the server, had been already used from his service computer, password-protected. The account that looked like a standard printer was blocked. The court will decide on the punishment in early June. The former IT engineer faces up to 10 years in a federal prison and a 250-thousand-dollar fine.
BACK TO BLOG LIST
Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.
Products and Services
FileAuditor
DLP
Risk Monitor
ProfileCenter
SIEM
MSSP
Cloud Deployment
Company
Contact
About Our Company
Company Portfolio
Our Clients
Press About Us
Press Kit
Resources
White Papers
Third-party integration
Research
Practices and use cases
Videos
News
Company News
Product News
Events
Blog
Challenges
Compliance
Data Loss Prevention
Investigation
Data at Rest Discovery
Data Encryption
Data Visibility
Data Classification and Protection
Data at Rest Discovery
Time Tracking and Employee
Monitoring
Corporate Fraud Mitigation
Roles
C-level executive
Risk manager
Internal audit officer
Compliance manager
Information security analyst
Chief Human Resources Officer
Industries
Business Services
Education
Financial Services
Government
Insurance
Manufacturing
Healthcare
Retail
Energy
Hospitality
Construction
Partners
Become a partner
Partner login
SearchInform products are recognized by
Gartner The Radicati Group
Follow us:
© 2024 SearchInform LTD All rights reserved.
Terms of Use
Licence
Privacy&Cookies