Employee Serving Time for Retaliatory Action Against Previous Employer in Tech Sector
In a recent court ruling, Mohammed Umar Taj, a 31-year-old resident of Hyrst Garth, Batley, UK, was sentenced to seven months and 14 days in custody for launching a cyber-attack against his former employer, German robotics company KUKA. The incident occurred just hours after Taj was suspended in July 2022. Taj, who had privileged access to the IT system of his former employer, used this access to create a disruption that affected business operations beyond the UK. Detective Sergeant Lindsey Brants of West Yorkshire Police's Cyber Crime Team stated that Taj targeted the IT system of his former employer to get revenge following his suspension. The cyber-attack resulted in losses of £200,000 ($274,000) for the company, caused a reputational impact, and disrupted business operations in the UK, Germany, and Bahrain. The West Yorkshire Police's cyber team retrieved crucial evidence of Taj's activities from his phone, including recordings of his activities and discussions about the attack. Taj had already admitted committing unauthorized acts with intent to impair the operation of or hindering access to a computer. The attack by Taj is a stark reminder of the growing threat from insider threats and disgruntled staff. Employers need to be aware of individuals like Taj, but also of North Korean IT workers using AI tools to pass HR filters and gain employment in US and European firms. A DTEX study from April 2024 reported that 15% of employees take sensitive data with them when they leave an organization, rising to 76% of employees who take non-sensitive information. This underscores the importance of implementing robust data protection measures and monitoring employee activities. Earlier this month, the US Justice Department filed a civil forfeiture complaint against North Korean IT workers to permanently recover $7.7m (£5.6m) in stolen funds. This action serves as a warning to foreign states colluding with malicious insiders, as the study also warned of a 70% increase in customers seeking help to protect against foreign interference since 2022. In conclusion, the cyber-attack launched by Taj serves as a cautionary tale for businesses worldwide. It highlights the need for vigilance against insider threats and the growing threat from foreign interference. Employers must prioritise data protection and employee monitoring to safeguard their businesses from such attacks.
