An IT worker has been sentenced to several months behind bars after launching a cyber-attack against his former employer that resulted in losses of £200,000 ($274,000).
Mohammed Umar Taj, 31, of Hyrst Garth, Batley, UK, had already admitted one charge of committing unauthorized acts with intent to impair the operation of or hindering access to a computer. He was sentenced at Leeds Crown Court on Friday to seven months and 14 days in custody.
Taj took out his anger on the company just hours after being suspended in July 2022, according to West Yorkshire Police.
He physically accessed the premises and corporate computer systems in order to change logins and multi-factor authentication (MFA). This enabled him to disrupt business operations, and those of customers in the UK, Germany and Bahrain, the police force said.
Read more on insider threats: Former Canadian Government IT Worker Pleads Guilty Over NetWalker Ransomware Attacks
Aside from the £200,000 in lost business this caused, the incident had a reputational impact on the firm, it added.
The force’s cyber team was able to retrieve crucial evidence on Taj’s phone in the form of recordings of his activities, and even discussions he had about the attack.
“Taj set out to get revenge on his employer following his suspension from work. He did so by targeting their IT system, which he had privileged access to. By doing this he created a ripple effect of disruption far beyond the shores of the UK,” said detective sergeant Lindsey Brants of West Yorkshire Police’s Cyber Crime Team.
“Protecting your network prevents data loss and costly cyber-attacks. It also maintains trust with clients and stakeholders. We urge all businesses to look at their network security.”
Insider threats are on the rise. According to a DTEX study from April 2024, 15% of employees take sensitive data with them when they leave an organization, rising to 76% of employees who take non-sensitive information.
It also warned of a growing threat from hostile states colluding with malicious insiders, claiming to have recorded a 70% increase in customers seeking help to protect against foreign interference since 2022.
Employers not only have to be on the lookout for disgruntled staff like Taj. North Korean IT workers are using AI tools to help them pass HR filters and gain employment in US and European firms.
Earlier this month, the US Justice Department filed a civil forfeiture complaint against some of these workers in a bid to permanently recover $7.7m (£5.6m) in stolen funds.
No tags.
