This is the story of two scary cybercrimes.
One involved cyber threats in the workplace, and the other involved hacking of personal social media accounts. Both crossed over into alleged extortion attempts.
If you're looking for a way to make cybercrime personal for the employees at your office, these two cases show what's possible and why they need to be on alert to protect their workplace and their family.
Hire me, or I'll launch a cyber attack on your company
Todd Gori thought he deserved a job at TSI Healthcare, a healthcare software company in the Carolinas. He believed a specific employee was responsible for him not getting the job, so he targeted her and the company.
He demanded she be fired, and that he would replace her. If not, he was going to launch a cyber attack against the company.
"I'm giving you guys 72 hours to respond until the attack goes full scale. There is nothing that can be done to stop the attacks. I have ran multiple penetration tests on your entire network and your company fails miserably.
Again let me be clear. The only way I will work with TSI and stop the attack is to fire [identifying information redacted] and hire me and ensure I am compensated enough...."
Would your employees know to take something like this seriously if it came to their email? And what should they do about it?
The result: A judge just sentenced him to 37 months in jail. Bleeping Computer has the detailed write up on this case.
High school hacker demands compromising photos if girls want their Snapchat accounts back
Zachary Bridgeforth is a 17-year-old high school student accused of hacking into Snapchat accounts belonging to girls at his school in Vancouver, Washington.
According to Vancouver's Digital Evidence Cybercrime Unit, he then used hacked accounts to contact more girls at the school and ask them for their usernames and passwords. That worked.
And police say he also created fake social media accounts, posing as real people at school, to do the same thing. Next, came the demand.
"While in possession of the fraudulently obtained social media accounts, Bridgeforth tried to obtain passwords to a private location on the female students’ Snapchat accounts. He told them that he wouldn’t return their accounts unless they gave him their passwords or sent compromising photos. He told one female student that he would 'send her pictures to the world' if she didn’t meet his demands, according to court documents."
How did police find out about this? "A female student told the school resource officer that someone hacked into her social media account, accessed nude photos that were kept in a private section of the account, and then distributed the photos to other students."
Do your employees know this kind of thing is happening? Have they told their kids to never share passwords even if their "best friend" seems to be asking for it?
The result: The alleged teen hacker faces a slew of charges and will have a hearing on January 24th, where a judge will decide if he should be charged as an adult.
The Columbian newspaper has the writeup on this serious issue.
One thing we've heard from our SecureWorld Advisory Council members is that good cybersecurity hygiene at home follows employees to the office.
Hopefully these illustrations will help your employees protect themselves, their families, and your network.
