Daily NewsCyber Crime & ForensicCyber SafetyIdentity & Access

Digital Vendetta: The Malicious Impact of Disgruntled Employees

Photo of Syed Ahmad Hafez Syed Ahmad Hafez Send an email November 6, 2024
3 minutes read
Insider threat

While businesses pour resources into defending against cyber attacks from the outside, an often-overlooked risk is a far more personal one — revenge from an insider. For a former employee, a severed tie can turn into a digital vendetta, with far-reaching consequences. Sometimes it’s the threats that come from the inside that could pose the biggest damage. As in the case of a former Disney employee who was arrested for hacking into the company’s systems.

After being fired from his position as a menu production manager at Disney in June, Michael Scheuer did not take his dismissal quietly. In fact, the fallout was just beginning. Scheuer’s termination, reportedly due to “misconduct” and a “contentious” departure, seemed to ignite a darker plot. Less than a month later, he allegedly used his still-active credentials to infiltrate Disney’s systems and launch a digital attack that would cause chaos both within the company and beyond.

His first strike was an attack on the menu creation system. Using his insider access, Scheuer changed the system’s fonts to an unreadable jumble of Wingdings symbols. The change affected the entire Disney database, rendering all menus unusable for weeks until a costly restore was performed using backup copies. This could have been seen as a mere nuisance, but Scheuer’s next actions were far more dangerous and malicious.

A Calculated Act of Malice

In what appeared to be a calculated act of sabotage, Scheuer also used his credentials to access menus that were about to be printed and manipulated QR codes to redirect them to a political message calling for a boycott of Israel. But perhaps most disturbing was his alleged tampering with allergen information on the menus. By removing critical details about food safety, Scheuer endangered the health of unsuspecting restaurant patrons. Although Disney claims that the altered menus were identified and quarantined before they reached customers, the consequences of such an act — especially for those with severe food allergies — could have been catastrophic.

Scheuer’s campaign didn’t stop there. He reportedly launched multiple denial-of-service (DoS) attacks against Disney employees with whom he had conflicts, flooding their accounts with erroneous login attempts. A search of his home uncovered even more alarming evidence, including personal information about his targets and traces of his digital footprint, which he had tried to cover up with VPNs and virtual machines. This was not just a case of hacking—it was a deliberate act of revenge that could have resulted in both financial loss and personal harm. His insider knowledge made his attack particularly dangerous and showed how devastating the actions of a disgruntled insider can be.

Protecting Against Insider Threats

In response to the breach, Jim Edwards, Senior Director of Engineering at Keeper Security, pointed out that robust identity and access management solutions are crucial in safeguarding sensitive data.

Insider threat
Jim Edwards, Senior Director of Engineering at Keeper Security

Jim emphasised that the case of the fired Disney employee who tampered with dining menu information serves as a stark reminder of how important it is for organisations, particularly those in industries such as tourism and events, to implement strong cybersecurity protocols. In these sectors, where the safety of visitors is paramount, even the smallest vulnerability can lead to disastrous consequences.

“With digital systems increasingly supporting everything from ticketing to essential information – like dietary and allergen details – effective offboarding practices are vital to ensure the security and protection of guests,” Jim said.

To prevent such security breaches, he recommends that organisations immediately revoke access for departing employees to prevent potential security issues. Adopting zero-trust policies where access is limited strictly to the employee’s specific job requirements, and utilising tools like privileged access management and identity and access management solutions, can help organisations maintain secure control over sensitive information and systems.

For businesses in sectors like tourism, Jim believes that these measures are essential not only for data protection but also to ensure a safe, trustworthy experience for guests.

Tags
Photo of Syed Ahmad Hafez Syed Ahmad Hafez Send an email November 6, 2024
3 minutes read
Photo of Syed Ahmad Hafez

Syed Ahmad Hafez

In his role as Editor, Syed oversees the editorial content and daily operations of the editorial content and day-to-day news operations of AOPG’s IT portals, primarily Data Storage Asia, Disruptive Tech News and Cyber Security Asia. Syed started out his career in IT, where he was involved in IT projects subcontracted by companies such as Mesiniaga, Standard Chartered and Fujitsu. Having a background in engineering in his tertiary years as well as a penchant for language and translation, Syed has been able to pull together his varied background along with his wealth of copy-writing experience to, through informed articles and interviews, help readers stay updated with the ever-evolving world of enterprise IT.

Related Articles

Financial Phishing

Financial Phishing Continues to Be Menace to SEA Companies—Kaspersky

November 28, 2024
Keeper Security

Williams Racing Chooses Keeper Security to Safeguard Data in Formula 1’s High-Stakes, Data-Driven World

November 28, 2024
Tanium Automate

Sleepless Nights & Security Gaps: Why Automation Is Your Cybersecurity Ally

November 27, 2024
DevSecOps

Everything Old is New Again: AI-Driven Development and Open Source

November 27, 2024

Leave a Reply

Your email address will not be published. Required fields are marked *

(c) Asia Online Publishing Group 2024 - Media and PR enquiries - editor@aopg.net