Greed drives malevolent insider to steal former employer’s IP

We’ve written about the insider who wreaked havoc on a company after he resigned. We’ve also written about the executive who is recruited away by a competitor and is alleged to have taken his employer’s intellectual property (IP) with him on the way out the door.

But we haven’t discussed the former employee who resigns to create a company that competes against you and uses continued access to remain competitive — until now.

Jason Needham used to work at Allen & Hoshall, a design and engineering company located in Memphis, Tennessee. Needham resigned and co-founded a competing company, HNA-Engineering, but he didn’t leave Allen & Hoshall’s presence. No, he helped himself to the labors of his former employer, and he did it from afar.

According to the Department of Justice:

Needham admitted to repeatedly accessing, over a nearly two-year period, Allen & Hoshall’s servers to download digitally rendered engineering schematics and more than 100 PDF documents containing project proposals and budgetary documents.

Needham also admitted to accessing, on hundreds of occasions, the email account of a former colleague at Allen & Hoshall, which provided Needham access to the firm’s marketing plans, project proposals, company fee structures and the rotating account credentials for the company’s internal document-sharing system.

Needham used his unauthorized access to view, download and copy proprietary business information worth over $500,000.

That’s a mouthful. According to court documents, Needham left Allen & Hoshall in 2013 and co-founded HNA Engineering (HNA) in Arlington, Tennessee. The GovTribe listing for HNA identifies Needham as the point of contact for “government business.” It’s important to note from the outset that Needham’s business partner at HNA warned Needham against taking these actions.

Needham had normal, authorized access to Allen & Hoshall’s FTP servers during his period of employment. When he left Allen & Hoshall, his access credentials were revoked and terminated (2013). It is not explained in the court documents how, with his access credentials revoked, Needham managed to continually access the FTP servers from 2014 to 2016. According to Allen & Hoshall, those who had access were limited to people within Allen & Hoshall who had a need to know and the client. What is known is Needham downloaded a boatload of data (as detailed above).

Needham also accessed the email of a former Allen & Hoshall colleague. Again, the court documents do not reveal how Needham came to have the log-in credentials for the employee’s email. What is known is that via this individual’s email account, Needham had access to the business side of Allen & Hoshall (as detailed above).

Strong off-boarding process needed

What could Allen & Hoshall have done better during the off-boarding of Needham to obviate the risk of his access? The court documents show us that Allen & Hoshall changed their FTP password credentials and that the defendant circumvented the change. One may speculate this access was made possible through his having compromised the email of his former colleague.

We don’t know if Allen & Hoshall had data loss protection technologies in place that would have highlighted Needham’s IP address as both unexpected and unauthorized. We do know that when the IP logs were inspected, Needham’s IP address was noted as having accessed the email of his former colleague, thus there were logs present.
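The kind of log review described above can be automated. The following is an added example, not taken from the court documents or from Allen & Hoshall: it records the personal addresses a departed user logged in from while employed, then flags any later login attempt from those addresses against any account. The CSV log layout, account names, departure date and addresses are all constructed assumptions.

```python
import csv
import io
from datetime import datetime

# Constructed sample data: hypothetical accounts, documentation-range addresses.
OFFBOARDED = {"jdoe": datetime(2013, 6, 1)}   # account -> departure date
CORPORATE_EGRESS = {"192.0.2.10"}             # shared office address, not personal
AUTH_LOG = """\
timestamp,service,account,src_ip,result
2013-03-04T09:12:00,ftp,jdoe,192.0.2.10,success
2013-05-20T21:40:00,webmail,jdoe,198.51.100.23,success
2014-02-11T22:05:00,webmail,asmith,198.51.100.23,success
2014-02-11T22:19:00,ftp,projects,198.51.100.23,success
2014-02-12T08:30:00,webmail,asmith,192.0.2.10,success
2014-03-01T23:50:00,ftp,jdoe,198.51.100.23,failure
"""

def parse(log_text):
    """Yield log rows as dicts with a parsed timestamp."""
    for row in csv.DictReader(io.StringIO(log_text)):
        row["timestamp"] = datetime.fromisoformat(row["timestamp"])
        yield row

def find_suspect_logins(log_text, offboarded, shared_ips):
    events = list(parse(log_text))
    # Pass 1: personal addresses each departed user logged in from while employed.
    known = {}
    for e in events:
        left = offboarded.get(e["account"])
        if (left and e["timestamp"] < left and e["result"] == "success"
                and e["src_ip"] not in shared_ips):
            known.setdefault(e["src_ip"], set()).add(e["account"])
    # Pass 2: any attempt after the departure date from such an address,
    # against any account (a colleague's mailbox, a shared FTP login, ...).
    alerts = []
    for e in events:
        for former in sorted(known.get(e["src_ip"], ())):
            if e["timestamp"] >= offboarded[former]:
                alerts.append({"when": e["timestamp"].isoformat(), "service": e["service"],
                               "account": e["account"], "src_ip": e["src_ip"],
                               "result": e["result"], "linked_to": former})
    return alerts

if __name__ == "__main__":
    for alert in find_suspect_logins(AUTH_LOG, OFFBOARDED, CORPORATE_EGRESS):
        print(alert)
```

Residential addresses change over time, so a match is a lead for review and the absence of a match proves nothing.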

If the FTP servers and email access required multifactor authentication, would Needham have been thwarted? And though malevolent in intent, would he have been denied access from the outset?

The bottom line: Your trusted insider is trustworthy — until they aren’t. When an employee leaves, make sure the off-boarding process is comprehensive. And let colleagues and customers know the employee has departed and that access control lists are being adjusted and credentials reissued. Greed is a primary motivator for individuals to bend the rules and purloin the IP of others for their own benefit.

And yes, Needham was sentenced to 18 months in prison, with two years of supervised release, and ordered to repay Allen & Hoshall $173,393.71.

Christopher Burgess is an advocate for effective security strategies, be they at the office or home for you and your family. Christopher served 30+ years within the Central Intelligence Agency. He co-authored the book Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century.

Source: CSOONLINE
