Sacked employees triple malicious data deletions

5 Nov 2009

Recent findings from Irish online backup firm keepITsafe have revealed there is a correlation between the increase in unemployment as a result of the global recession and the tripling of malicious data attacks on companies.

Companies reported they experienced a threefold increase in the number of malicious data deletions as a result of inside attacks rather than external security threats.

“Throughout the years, data-loss disasters from malicious attacks have grown steadily, but on review of 2009 we have found a significant increase in such attacks throughout our customer base,” said Jonathan Crowe, technical director, keepITsafe.

“A worrying signal of how exposed data really is,” he added.

This increase in data attacks is the result of disgruntled staff members looking at ways to “get back at their employees” for a particular reason, claimed Crowe.

Also, the imminent threat of redundancy has encouraged some employees to take valuable company data with them for various reasons.

“Companies are even more exposed when an IT staff member is made redundant; they are more than likely the biggest threat as their IT-savvy nature would open up the possibility of file deletions to full server deletions.

“This internal threat is real and should be taken seriously,” added Crowe.

KeepITsafe’s findings have indicated this trend increased moreso in the second half of this year and with the potential to put companies out of business.

“Our system constantly monitors large file deletions from our client’s servers and highlights unusual activity to our engineers. We had one instance where we notified a client while a staff member was in the process of saving and deleting a large number of files from the server. If not caught in time, the consequences on running their business was unimaginable,” he added.

Another data risk comes not just from employees but also business partners and directors who might leave of their own accord, said KeepITsafe.

This risk, explained Crowe, can be reduced by approaching data security in a pragmatic way that assesses threats and provides a shield against such possibilities, and KeepITsafe, Ireland’s largest online backup company, advises that firms consider retention policies while keeping in mind that data loss may not surface for a number of weeks.

By Marie Boran