I’ve had occasion over the last year to write about digital supply chain security more than a few times (1, 2, 3). There are the aspects of outsourcing helpdesk functions, code development, millions of interconnects with partners. There is no shortage to how wide the attack surface for your organization can spread in short order if not properly protected.
Case in point, there was a story I heard about not too long ago where an employee for an outsourced provider decided that they were not happy with the position one of their contracts were taking on a subject. They decided to cause no end of misery. It’s not really material what that position was but, more importantly, the fact that this person and their firm were contractually bound to deliver and not cause mischief and mayhem. Somehow, this staffer missed that memo.
What they did was in fact remarkable. They decided to attack their customers to exact some measure of revenge for an imagined slight. This was the point where I was absolutely amazed that this person would have the cohones to try something like this. Using information for which they had privileged access they managed to destroy systems, corrupt data and take servers offline. Continue reading
Source: http://www.forbes.com/ Retrieved from (http://www.forbes.com/sites/davelewis/2015/05/27/attack-of-the-angry-support-staff/)