Cybercriminals Target Disgruntled Employees to Deploy Ransomware

Louisville Geek • August 27, 2021

How do businesses protect themselves?

(Louisville Geek | August 27, 2021) -- Picture this scenario. 


William is an intelligent, up-and-coming 32-year-old IT technician. For the past three years, he’s overseen the organization’s migration to the cloud. Even though he’s passionate about IT, he’s become increasingly frustrated with the leadership. He doesn’t trust their vision for the company, plus he feels he’s underpaid and undervalued. 


One day the vice president lashes out at him in front of the entire team for something that wasn’t even his fault. He decides ‘enough is enough’ and begins polishing his resume. He starts skimming job boards, updates his LinkedIn profile, and sends a few feeler messages to his network notifying them that he’s looking for a new job. 


Then, out of the blue, he receives the following email message: 

Translation: 

William, are you interested in making some money before you leave the company? If so, all I need you to do is install a file on your company server. We will lock up their files and request a $400,000 ransomware fee. To compensate you for your efforts, we will pay you 40% of whatever we receive in BTC. Let me know if you are interested. 


Real Threat 

The scary thing is this: there are ransomware groups acting out this very scenario all over the globe. And, while multi-million-dollar ransomware payments are dominating the headlines, the biggest financial losses tied to cybercrime each year stem from social engineering tactics just like this. These are called Business Email Compromise (BEC) or CEO Scams (where cybercriminals impersonate the organization’s CEO), and according to the latest figures released by the FBI, the reported loss from these threats increased to $1.86 billion in 2020. 


The concept of a disgruntled (or not) employee as a cybersecurity threat isn’t new. In April 2020, a Tesla employee was approached by a member of a Russian ransomware gang who offered the employee $1 million to install malware on the Tesla network. Luckily for Tesla, the employee rejected the offer and instead alerted his employer, which in turn alerted the FBI. The Russian citizen, Egor Igorevich Kriuchkov, was arrested in Los Angeles as he was trying to flee the country. 

How do cybercriminals find their targets?
Cybercrime is a business, and often the perpetrating criminals mirror the practices of legitimate organizations to find, profile, and connect with targets they view as high value. Social media platforms such as LinkedIn and Facebook are goldmines for cybercriminals, especially when most users overshare everything. In the example above, the bad actor most likely identified his targets on LinkedIn based on their job title (CIO, Systems Engineer) and industry (healthcare). Then, they probably wrote a script sending notifications when these profiles are updated (e.g., looking for a new job) and the rest is history.

Protecting Your Business from Profiling and Social Media Engineering
Data has replaced oil as the world’s most valuable commodity. When you consider that the entire business model of social media revolves around collecting data to sell on to advertisers, it’s easy to understand how advantageous social media is for cybercriminals. Here are some ways we recommend protecting your business from these types of attacks. 
  •    Ensure two-factor authentication is applied on all apps, tools, and logins.
  •  Educate your employees about the latest cybersecurity trends and threats and to be mindful about what they post on their own social media accounts. 
  •  Inform your employees about the responsible use of social media. Let them know that this is not only for the organization’s sake, but for theirs as well. 
  •  Ensure that your organization has an offboarding plan that revokes access to any employee leaving the company. 
Final Thoughts 
Even though disgruntled employees are something to be mindful of, keep in mind loyal employees also experience these types of socially engineered tactics on a regular basis. Our best advice is to continuously train your employees about the threats that exist and how to respond to potential incidents. 
 By: Ben Lawrence, Managing Partner at Louisville Geek  (Louisville Geek is a silver sponsor of FEI Louisville).

JOIN FEI TODAY

Join the association of choice for Louisville's financial leaders.  
JOIN TODAY

OUR GOLD SPONSORS

More FEI Louisville News

A Brief Welcome from Incoming President Uric Dufrene

By Teresa Andrews March 17, 2025
Uric Dufrene

Economic impacts on Kentucky and Indiana

By Uric Dufrene July 23, 2024
National manufacturing impact on regional payrolls -- with rate cuts are on the horizon

My final President's column

By Jim Schildt July 17, 2024
Jim Schildt shares his thoughts

Vaco and HIG events available to FEI members

June 17, 2024
Register for June 18 events

Will consumers finally tap on the brakes?

By Uric Dufrene, Sanders Chair of Business, IUS June 7, 2024
Spending has slowed unexpectedly

Amy Szymansky and Michelle Kerstine join FEI Louisville

By Terry McWilliams June 6, 2024
Michelle Kerstling, Chief Financial Officer, Dismas Charities (left) and Amy SzymaƄski, Senior Director of Finance, American Printing House for the Blind Michelle Kerstine Michelle Kerstine is Chief Financial Officer for Dismas Charities, one of the largest, not-for-profit providers of residential, effective, evidence based re-entry services in the United States. She joined Dismas in 2023 and is responsible for the management and oversight of Finance and Human Resources, according to her Dismas profile, and will have a critical role in the development of all plans regarding the continued growth and success of the company. Michelle has more than 25 years of leadership experience with non-profit organizations in the roles of team member, consultant and board member, and has held several leadership positions in Finance during that time. She holds a B.S. in Accounting and an MBA both from the University of Louisville and continues to make community involvement in local non-profit boards and civic organizations a priority. Amy Szymansky Amy Szymansky is senior director for finance at the American Printing House for the Blind. She was recommended for membership by Andrea Higgins from Robert Half. Since 1858, APH has operated in Louisville as the world’s largest nonprofit organization creating accessible learning experiences through educational, workplace, and independent living products and services for people who are blind and low vision. Prior to joining APH in 2023, Amy was Senior Controller at American Queen Voyages. She also previously served as controller for a family office and in financial positions for other companies. She graduated from Sullivan University with an MBA with focuses in accounting and business.

Zachary Taylor succeeds Dave Lewis as FEI treasurer

By Terry McWilliams June 6, 2024
Dave served the board as treasurer since 2006

Steve Klasskin, new FEI member

By Terry McWilliams May 6, 2024
Please welcome Family Allergy & Asthma's CFO to our organization of financial executives

Benchmarking Sustainability Efforts

By FEI National April 26, 2024
Climate reporting is happening

Accolades, trophies and certificates

By President's Column: Jim Schildt April 19, 2024
Who do you associate with?
More Posts