Angry Employees Downloading Viruses And Spyware On Purpose?

from the take-that dept

While external hack attacks have surpassed disgruntled employees causing problems, that doesn’t mean those disgruntled employees don’t exist. While the more technically minded disgruntled employees may cause problems by shutting down a computer system or some other nasty little trick, apparently some upset employees are taking to a different form of corporate “civil disobedience.” 23% of companies surveyed claim that they believe upset employees are downloading viruses and other malicious software on purpose just to cause trouble (the article doesn’t make it clear how these companies knew the downloads were on purpose — so you could question the study on that point). This doesn’t go quite as far as the employee who wrote and sent out a virus to colleagues, but it certainly seems like the type of internal “hack” less technically savvy employees might try. Still, the overall impact of a company with any decent security software is likely to be minimal. Update: Ed Bott digs a little deeper and questions the study. His concerns are probably accurate.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Angry Employees Downloading Viruses And Spyware On Purpose?”

Subscribe: RSS Leave a comment
Ratliff says:


Doesn’t the idea that a company’s employees are intentionally downloading viruses sound like a convenient way for the people in charge of IT security to say it’s not their fault? “Well, I hate to say this, but we can hardly protect against viruses if our own people are working against us.” My extensive experience on both sides of the management divide has left me with the idea that managers are routinely encouraged to think of their employees as lazy, resentful, and malicious, so in a lot of cases it wouldn’t be much of a stretch for them to believe this — and for some people, it would be easier to swallow than the idea that they can’t really protect their system from attack.

Nonesuch (user link) says:

How they know it's on purpose

Corporations log all HTTP/FTP requests from internal clients to the Internet. Often the user is required to authenticate to the gateway, so you know it’s really the employee not J. Random Hacker.
If the logs show somebody searching google for VX information, seeking out exploit sites, and then downloading .arj files named for worms, then hunting around for a .arj extractor and downloading that, it’s rather obvious what was going on.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...