When an organisation suffers a cyber-attack, it loses customer data, time, and money. Sometimes networks are also damaged, causing massive disruption. And in the case of a ransomware infection, important work files can be lost for good. However, when an organisation is the victim of a cyber-attack, employees can also be in the firing line.
When a company is hit by a phishing campaign, ransomware or an attack like Business Email Compromise (BEC), the starting point is usually an employee or someone directly associated with the company. Phishing, for example, needs only a single person to click a malicious link or download an infected attachment and the attack begins. When this happens, heads roll. There have been many cases where employees have been sacked after a security incident.
Here we take a look at a few that made the headlines, but undoubtedly, this is just the tip of the iceberg.
When Ransomware Costs More Than Bitcoins
Cybersecurity Ventures predicts that in 2019 a business will be hit by ransomware every 14 seconds. Ransomware infects computers using a number of techniques. One typical method is via phishing emails.
Lake City in Florida was recently the victim of a ransomware attack. The city ended up paying around $460,000 in Bitcoin to the cybercriminals behind the attack. Data was lost and city workers were unable to access email because servers were affected. The Director of IT, Brian Hawkins, was sacked after the attack. Although Hawkins had put protection in place, including backups, which allowed the council to get operations up and running again quickly after the attack, he ultimately became a scapegoat for the incident.
A Tale of Business Email Compromise (BEC), a Lawsuit, and a Sacking
Business Email Compromise is a complex, multi-faceted cyber-attack. It typically involves targeting a company and the employees within that company who manage financial transactions. The global cost to business of BEC crime is around £9.5 billion over the last five years.
Patricia Reilly worked in the finance department for The Peebles Media Group. She was sacked after she inadvertently paid out £193,250 to cybercriminals behind a BEC scam that targeted the organisation. The scam involved the fraudsters impersonating the organisation’s managing director (MD) and sending out emails that looked like they were from the MD. While the bank repaid some of the money lost, the company not only sacked Reilly but also sued her for the rest of the lost money.
Outing the Breach Can Get You Fired
A cyber-attack is an embarrassing as well as a costly affair. Employees working in the security or IT department may have to make decisions about how to handle the breach. Companies should have firm policies on the breach management and notification process.
Mignon Hoffman, an information security officer with San Francisco State University was sacked after a major data breach incident. Hoffman claimed she was fired because she disclosed security shortcomings in the university – in other words, she became a whistle-blower as she felt this was the most ethical thing to do.
Not Outing a Breach Can Also Get You Fired
This example is the other side of the breach notification coin. Failing to notify can also be bad news.
Uber’s Chief Security Officer Joe Sullivan, and the company’s security lawyer Craig Clark, were sacked after the massive Uber data breach that involved 57 million customers. Sullivan and Clark were allegedly fired because they tried to cover up the breach and agreed to pay the cybercriminals $100,000 to delete the stolen data. They even attempted to get the cybercriminals to sign Non-Disclosure Agreements (NDAs).
The Big Whale Can Also Be Sacked
Business Email Compromise (BEC) is a costly crime, and it isn’t just employees on the front line who end up fired. In this case, the company’s CEO was sacked.
Walter Stephan, CEO of FACC, a Boeing and Airbus supplier, was sacked after a ‘whaling’ attack. Whaling is a variant of the Business Email Compromise scam in which a cybercriminal impersonates the CEO or president of an organisation. Spoofed accounts are then used to trick others into making financial transactions. In this case, the total loss was 52.8 million euros.
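The impersonation pattern behind the Peebles Media and FACC cases above (a known executive's display name on a message that did not come from their mailbox, often with replies redirected elsewhere and payment-pressure wording) can be flagged automatically at the mail gateway. The following is an added illustration, not code from the original article or any vendor; the executive list, internal domain and sample message are all constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed (hypothetical) data: executives a whaling email would impersonate,
# keyed by lower-cased display name, plus the organisation's own mail domain.
INTERNAL_DOMAIN = "example-corp.com"
EXECUTIVES = {"jane doe": "jane.doe@example-corp.com"}

# Phrases typical of the payment-pressure lure in BEC emails (constructed list).
LURE_PATTERNS = re.compile(
    r"\b(urgent|wire transfer|confidential|pay (this|the) invoice|bank details)\b", re.I)

def _domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def bec_indicators(raw_email: str) -> list[str]:
    """Return the executive-impersonation indicators found in one RFC 822 message."""
    msg = message_from_string(raw_email)
    name, addr = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    name_key = re.sub(r"\s+", " ", name).strip().lower()
    findings = []
    # 1. Display name of a known executive, but the address is not theirs.
    if name_key in EXECUTIVES and addr.lower() != EXECUTIVES[name_key]:
        findings.append(f"display name '{name}' is an executive but address is {addr}")
    # 2. Executive name arriving from a domain that is not ours (look-alike or webmail).
    if name_key in EXECUTIVES and _domain(addr) != INTERNAL_DOMAIN:
        findings.append(f"executive name sent from external domain {_domain(addr)}")
    # 3. Replies silently routed to a different domain than the visible sender.
    if reply_to and _domain(reply_to) != _domain(addr):
        findings.append(f"Reply-To domain {_domain(reply_to)} differs from From domain")
    # 4. Payment-pressure wording in the subject or body.
    body = msg.get_payload(decode=True) or b""
    text = msg.get("Subject", "") + "\n" + body.decode("utf-8", "replace")
    if LURE_PATTERNS.search(text):
        findings.append("payment-pressure wording in subject/body")
    return findings

# Constructed sample message imitating the MD-impersonation scam described above.
SAMPLE_SCAM = """From: Jane Doe <jane.doe@example-corp-mail.com>
Reply-To: jd.private@webmail.example
To: finance@example-corp.com
Subject: Urgent wire transfer

Please pay the invoice attached today and keep this confidential.
"""
```

Any non-empty result is a reason to hold the payment and verify the request out of band, which is exactly the check that training should make routine for finance staff.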
The Antidote to Being Fired – Security Awareness Training
According to research by Kaspersky, 31% of data breaches result in employees being fired. It is one thing when C-Level executives are sacked after a major cyber-incident, but when other staff end up in the firing line it can seem very unfair. This is especially true if that employee has not received the right level of security awareness training.
Security awareness training gives employees across all levels of an organisation the knowledge to spot the early warning signs of an attack. Training members of an organisation in what a typical phishing email looks like, and warning them about the dangers of spear phishing, is a powerful way to manage the threat of a cyber-attack. Similarly, teaching security best practices adds a layer of protection against common security issues, including poor passwords and password sharing.
Sacking staff because of a security incident should always be a last resort. It costs time and money to find good staff, so keeping hold of them should be a priority. Providing security awareness training is a positive way to give your employees the knowledge they need to help themselves and the organisation beat cybercrime.
Want to learn more about empowering employees with security awareness training? Sign up for a free demo and find out how we’re already helping organisations just like yours.