Pink slips ignite revenge by system administrators

IT companies are the main target of attacks in the US with the Federal Bureau of Investigations (FBI) issuing a formal warning of a sharp, upward trend in security breaches from disgruntled ex-employees. The FBI said on its website that referrals to the agency are rising and Glenn Miller, managing director of Sydney-based security software firm Janteknology, says the threat is mirrored in Australia.

Miller says security threats within organisations are a high priority, but there is a low level of awareness among IT managers in Australia.

"This is particularly true with IT staff, such as systems administrators, because they have both the ability and the opportunity to cause serious damage," he says. Access to one PC is not a real risk, Miller says, but IT staff can access an entire network. Multiplying the possible impact is the fact that Australian companies often don't change passwords for access to servers and routers for weeks after an employee has been laid off.

"The lack of awareness is disturbing and perplexing with many companies reacting only after a breach; companies should have a layoff checklist," he says.

Scholastic Australia IT manager Andrew Ogbourne agrees internal threats are a serious concern that can be countered only by strict procedures to manage passwords.

"This should apply regularly anyway, but particularly when someone leaves the organisation; all user accounts need to be identified so they can be changed immediately," Ogbourne says.

"I agree that many Australian companies aren't particularly careful in this respect, but we have fairly comprehensive procedures in place and haven't experienced this type of breach."

The FBI could not reveal exact numbers but noted that since the last downturn in the early 1990s the work force is more skilled and employees have greater access to company networks.