Internal Hacker Attack – Several companies report security incidents!

M.Sc. Jan Hörnemann

Internal Hacker Attack – Several companies report security incidents!

Hacker attacks are more and more in the spotlight, as the number of expensive attacks is increasing. In a hacker attack, most people imagine that a criminal finds a security hole in the system from a distance and exploits it. However, there is also a so-called internal hacker attack, in which the own employees cause damage. This is exactly what happened recently at the three companies Shopify, Tesla and Instacart.

Internal hacker attack – This is how the criminals proceeded

The large online commerce store Shopify reports that two employees are now being prosecuted for collecting and abusing unauthorized contact information from merchants. The Canadian company is working with the FBI and other law enforcement agencies to conduct this security investigation.

The detailed investigation of the security breach is still in its early stages, but recent information reports that the two unscrupulous employees have been stealing transaction data from merchants. According to Shopify, this data does not include payment card information, but does include names, addresses and order details of products and services purchased.

Shopify is not the only company that has recently faced internal hacker attacks, but also Tesla and Instacart. Instacart had to notify 2180 buyers that former employees had tapped sensitive information. At Tesla, the internal hacker attack could be fended off just about as well, according to CEO Elon Musk. Russian hackers contacted a Tesla employee and tried to convince him to introduce malware into the company network. The Tesla employee reported the incident immediately, so no hacker attack took place.

Protection against internal attacks

The fact that such sometimes large internal hacker attacks are possible is often due to the internal network structure. Often employees have more rights and privileges that they do not really need. To prevent internal hacker attacks, it should be ensured that employees can only view the data and have the rights they need for their work.

Managing such configurations in large companies is very difficult and time consuming. We at AWARE7 GmbH offer internal penetration tests for such cases, in which we play an employee who suddenly becomes a criminal. We examine how far we get as a “normal” employee and which data we can access that we should not actually have access to.

With an internal penetration test you will receive detailed documentation on how you should adapt your network structure to avoid unscrupulous employees and thus internal hacker attacks.

Photo of author

M.Sc. Jan Hörnemann

Hello dear reader, my name is Jan Hörnemann. I am a TeleTrust Information Security Professional (T.I.S.P.) and have been dealing with information security topics on an almost daily basis since 2016. CeHv10 was my first hands-on certification in the field. With a Master of Science degree in Internet Security, I have learned about many different aspects and try to share them in live hacking shows as well as on our blog. In addition, I am active as an information security officer and have been qualified by TÜV for this activity (ISB according to ISO 27001)