I rather like a good conviction story for cybercrime.
An IT consultant hacked a company in California and delated almost all of its Microsoft Office 365 accounts as an act of revenge. The company was shut down for two days as more than 1,200 accounts were removed.
The consultant was pulled from the migration project after customer complaints in January 2018 and sacked in early May. He then hacked into the customer on august 8.
He has now been sentenced to two years in prison and three years of supervised release and paying over $500,000 in damages to the company sabotaged, which represents the bills paid to recover from the damage.
Why do we care?
I keep saying it, it takes a while when the consequences come, but they do come. This is three years later.
The story doesn’t dig into the how of the breach, so let’s assume all was done correctly and this was an active breach. We care here from the lesson about how this would be prosecuted. In order to prove this, the company would need all of the forensics and evidence for present in Court. This would require coordination with law enforcement to ensure that evidence is properly handled and acquired. It would require coordination with the prosecutors to make it happen.
And so I ask… do most IT services companies have the expertise ready to handle this scenario? I’ve asked before – do you even have the process to call the FBI documented? If not, I’ve just assigned your homework. This is expertise well beyond just the technical, and if the statement is true that it’s just a matter of time until the breach… it’s true you’ll need this process.
Source: Bleeping Computer