A sacked school IT Technician who took revenge by deleting data and sabotaging his old school’s network (and by wiping the computers of everyone who was logged in) has been jailed.
Revenge Hack
As reported on Leicestershire Live, a court was told that Adam Georgeson, 29, who was dismissed from his job as an IT Technician last January at Welland Park Academy in Leicestershire, took revenge by hacking back into the school system and deleting data.
School Network Sabotaged
In the attack, Mr Georgeson sabotaged his old school’s network, thereby taking it offline for 10 days. This meant that staff were forced to work long overtime hours without payment to try and rectify the problems. Also, the attack meant that 4 staff members were unable to resume working remotely for nearly four months!
Personal Devices of Pupils Wiped
The other particularly distressing aspect of the attack was the wiping of any devices that were connected to the school’s network at the time. At least 125 devices, including those belonging to 39 families and computers at the school, had their files completely wiped, resulting in the loss of personal family photographs, for example, as well as important work and study files. It was reported that the school had to spend £15,600 to restore the system, which meant that cutbacks had to be made on school spending elsewhere, thereby magnifying the impact of the attack.
Losses
Some of the losses reported in the attack, highlighted in personal impact statements, included:
– A full-time student, in the second year of university studies losing most of her work from the preceding 18 months, leading to her failing an exam.
– A father-of-three losing 1,000 family photographs.
– An assistant headteacher losing learning-related materials and all of his son’s GCSE coursework.
Not The Only Attack
Mr Georgeson is also reported to have carried out another cyber-attack a few months earlier on a former employer’s business. He had been dismissed from Rutland-based Millennium Computer Services for misusing the company’s credit card to buy personal computing equipment (without permission). The attack caused chaos to the company’s computer system, putting it out of action for 8 days.
Why?
The court was told that Mr Georgeson’s actions were the result of a crisis of depression and anxiety. The Judge, however, ruled that the motivation for the attacks was spite and revenge. After pleading guilty to two counts of unauthorised modification of computer material under the Computer Misuse Act, Mr Georgeson was jailed for 21 months.
What Does This Mean For Your Business?
This case highlights the need for businesses and organisations to have procedures and systems in place for dealing with, and minimising, some of the risks associated with employee exit. Although this case sounds exceptional, and the former employee was found responsible for malicious hacking, it should also be noted that businesses and organisations have a legal responsibility to ensure that data security levels are maintained, and this also applies to employee exit (i.e. ‘insider threat’). To reduce this kind of threat, areas that businesses and organisations need to address as soon as a staff member leaves could, for example, include:
– Revoking login details and rights/permissions for company computer systems and networks.
– Revoking access to the CRM, thereby protecting data relating to the company, its customers, its other stakeholders, sales, communications and more.
– Stopping access to collaborative working apps/platforms and shared, cloud-based, remote working platforms e.g., Teams or Slack.
– Changing the person’s personal voicemail message on the company phone.
– Ensuring that the departing staff member returns all company devices. This means having procedures in place to keep a record of which company devices have been allocated to each employee.
– Retrieving any backup/storage media (e.g., USBs), which may also help to prevent some security threats.
– Making sure that any stored items in separate folders on the departing person’s computer are transferred back to the company/organisation or deleted.
– Having a policy in place for the regular changing of passwords and changing any passwords shared with multiple members of staff when one person leaves.
– Changing PINs for any credit/debit cards that the person was authorised to use.
– Immediately letting the team/person responsible for IT security know that a person has left, particularly if the person left ‘under a cloud.’
– Making sure that all company-related keys, pass cards, ID cards, parking passes, and any other similar items are retrieved.
– Retrieving any physical documents that the employee was issued e.g., a handbook that contains information and data that could threaten company security.
– Removing the departing employee’s email address and extension from the website if they feature there, along with any listing that shows the employee in the role they are departing from. Also, check that company social media doesn’t indicate that the departed employee is still in their role e.g., on LinkedIn and Facebook. Checks should also be made to ensure that the departing employee doesn’t feature in the business/organisation’s online estate e.g., at the top of the website home page or other prominent pages.
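Two of the items above (revoking logins, and changing shared passwords when one person leaves) can be checked mechanically rather than left to memory. The following is an added example, not part of the original article: a Python check that reconciles an HR leaver list against an account export and a register of shared credentials. All user names, systems, dates and field names are constructed for illustration.

```python
from datetime import date

# Constructed sample data (not from the article): HR leaver list, an account
# export, and a register of credentials shared between several staff.
LEAVERS = {"jdoe": date(2024, 1, 12), "asmith": date(2024, 2, 2)}
ACCOUNTS = [
    {"user": "jdoe", "system": "domain", "enabled": True, "last_login": date(2024, 1, 20)},
    {"user": "jdoe", "system": "vpn", "enabled": False, "last_login": date(2024, 1, 10)},
    {"user": "asmith", "system": "crm", "enabled": False, "last_login": date(2024, 2, 5)},
    {"user": "bjones", "system": "domain", "enabled": True, "last_login": date(2024, 3, 1)},
]
SHARED_SECRETS = [
    {"name": "wifi-admin", "holders": {"jdoe", "bjones"}, "rotated": date(2023, 11, 1)},
    {"name": "backup-svc", "holders": {"asmith", "bjones"}, "rotated": date(2024, 2, 3)},
]


def audit_exits(leavers, accounts, shared_secrets):
    """Return sorted (severity, subject, detail) findings for exit gaps."""
    findings = []
    for acct in accounts:
        exit_day = leavers.get(acct["user"])
        if exit_day is None:
            continue  # still employed, nothing to reconcile
        subject = f'{acct["user"]}@{acct["system"]}'
        if acct["enabled"]:
            findings.append(("HIGH", subject, "account still enabled after exit"))
        if acct["last_login"] and acct["last_login"] > exit_day:
            findings.append(("HIGH", subject, "login recorded after exit date"))
    for secret in shared_secrets:
        # A shared password is stale if any holder left on or after the day
        # it was last rotated (same-day rotation is treated as not proven).
        stale_for = sorted(u for u in secret["holders"]
                           if u in leavers and leavers[u] >= secret["rotated"])
        if stale_for:
            findings.append(("MEDIUM", secret["name"],
                             "not rotated since exit of " + ", ".join(stale_for)))
    return sorted(findings)


if __name__ == "__main__":
    for severity, subject, detail in audit_exits(LEAVERS, ACCOUNTS, SHARED_SECRETS):
        print(f"{severity:6} {subject:16} {detail}")
```

A login recorded after the exit date is reported even when the account has since been disabled, because it shows the account was used in the gap before access was revoked.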