Hacker attacks are increasingly in the spotlight, as the number of costly attacks keeps rising. When people think of a hacker attack, most imagine a criminal who finds a security hole in a system from a distance and exploits it. However, there is also the so-called internal hacker attack, in which a company's own employees cause the damage. This is exactly what recently happened at three companies: Shopify, Tesla and Instacart.
Internal hacker attack – This is how the criminals proceeded
The large e-commerce platform Shopify reports that two employees are now being prosecuted for collecting contact information from merchants without authorization and abusing it. The Canadian company is working with the FBI and other law enforcement agencies on the security investigation.
The detailed investigation of the security breach is still in its early stages, but recent reports indicate that the two unscrupulous employees had been stealing merchants' transaction data. According to Shopify, this data does not include payment card information, but it does include names, addresses and order details of the products and services purchased.
Shopify is not the only company that has recently faced an internal hacker attack; Tesla and Instacart have as well. Instacart had to notify 2180 customers that former employees had accessed sensitive information. At Tesla, the internal hacker attack was only narrowly averted, according to CEO Elon Musk. Russian hackers contacted a Tesla employee and tried to convince him to introduce malware into the company network. The Tesla employee reported the incident immediately, so no attack took place.
Protection against internal attacks
The fact that such internal hacker attacks, sometimes on a large scale, are possible at all is often due to the internal network structure. Employees often have more rights and privileges than they actually need. To prevent internal hacker attacks, it should be ensured that employees can only view the data, and hold only the rights, that they need for their work.
Managing such configurations in large companies is very difficult and time-consuming. We at AWARE7 GmbH offer internal penetration tests for such cases, in which we take on the role of an employee who suddenly turns criminal. We examine how far we get as a “normal” employee and which data we can access that we should not actually be able to reach.
With an internal penetration test you receive detailed documentation on how you should adapt your network structure to limit the damage unscrupulous employees can do and thus prevent internal hacker attacks.