Have you ever thought about what would happen if your IT administrator were to go rogue and create redirects on your website that take your visitors to inappropriate content? Well, it happened to one unfortunate company in Arizona, and it ended poorly for both parties involved. What started as a ransom ended up as four years of probation and a huge sum of cash paid in restitution.
The technician in question--a man by the name of Tavis Tso, from Arizona--attempted to extort $10,000 from a client in Phoenix. Tso had reportedly told the client that he didn’t have the login information for their GoDaddy domain registrar account, but that was a lie. He certainly did have the information, and to keep them from finding out about it, he changed the contact information in GoDaddy. He had planned to defraud the company--a plan which backfired in a spectacular way. He even went so far as to create a separate Microsoft account so that he could take over the company’s domain.
Tso made it so that the company employees couldn’t access their email accounts, and worse yet, he set up a redirect for the company’s home page that showed up as a blank page. He then demanded that the company hand over $10,000 to make the problem disappear. The victim company made the right call and didn’t give in to Tso’s cyber torment. When it became clear that they had no intention of footing the bill for Tso’s treachery, he made the issue much, much worse by redirecting all of the website traffic to an unsavory porn site.
The redirect existed for several days before it was resolved, and Tso was sentenced to four years of probation in addition to $9,145 in restitution on a count of wire fraud. However, the damage done by this rogue IT administrator will be difficult to recover from, regardless of the amount of punishment he receives.
How can your business prepare itself for a disaster scenario like this? You should start by considering how you handle the permissions of any user on your network at any given time. If anyone is terminated or leaves the company for any reason, you should take prompt action to remove any permissions that they have on your network. Ideally, you want to make these precautionary changes before they leave. Do you have any other concerns about your network security? If so, reach out to SCW at (509) 534-1530.
About the author
Sam is a network engineer with a broad range of experience spanning more than 35 years. He wrote his first piece of code in 1979 and has been involved with the industry ever since. For the last 20 years, he has worked for SCW Consulting where he has embraced his passion for network technology and security.