The problem is compounded when the pink slip's recipient worked in a technical capacity, or worse, was one of your network's architects. In that case, it's very possible that the attacker knows your systems better than anyone on your staff does.
The Secret Service and CERT recently published a 45-page report entitled Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors. It details some scary scenarios. In the hands of a CIO or IT manager, it reads more like a horror novel. Take, for instance, one of the study's introductory paragraphs:
A system administrator, angered by his diminished role in a thriving defense manufacturing firm whose computer network he alone had developed and managed, centralized the software that supported the company's manufacturing processes on a single server, and then intimidated a coworker into giving him the only backup tapes for that software. Following the system administrator's termination for inappropriate and abusive treatment of his coworkers, a logic bomb, previously planted by the insider, detonated, deleting the only remaining copy of the critical software from the company's server. The company estimated the cost of damage in excess of $10 million, which led to the layoff of some 80 employees.
Despite some hard lessons learned, there is a bright side. The study also offers guidelines to help minimize the impact of an attempted attack and steps companies can take to thwart a former-colleague-turned-attacker in the making.
This article was first published on EnterpriseITPlanet.com.