Were AT&T employees paid to install malware on company computers? Find out what happened in the malware attack and steps you can take to prevent data breaches.
Alert: Department of Justice charges a person from Pakistan with paying employees of AT&T to install malware on company servers. Do you really know the risks your business faces as malware attacks become increasingly sophisticated and exploit the weakest link?
Here’s what happened and steps you can take now to protect your business from the human side of data breaches.
Did you ever ask a friend if they would do something “crazy” for a million dollars? The truth is that many people will do just about anything if the price is right. Add to this the potential for unhappy employees or employees who are in financial trouble that may accept less to sabotage their own company, and you have a disaster waiting to happen.
If the payoff for the malicious entity is high enough, who knows how much they’d pay to infiltrate your systems.
What Happened at AT&T
In this case, employees of AT&T allegedly received over $1M to install malware and unlock millions of iPhones. One AT&T employee alone is believed to have received nearly one half million dollars.
The scheme allowed those charged to use the phones off the AT&T network, which allowed then to sell phone unlocking services through their online company, SwiftUnlocks.
How They Pulled It Off
Those charged by the DOJ targeted certain employees they believed to be vulnerable through Facebook or telephone. Once the deeds were done, the employees received their money through shell companies, Endless Trading FZE, Endless Connections Inc., and iDevelopment.
When AT&T became suspicious and some employees were fired, the alleged criminals changed tactics, paying newly contacted employees to install malware that unlocked phones automatically.
This was a very coordinated operation that likely extends beyond those charged, although at this time, just how big this operation is is unknown.
As a result of these attacks, over $5M in revenues has been lost, legal costs are mounting and now at least one of the suspected perpetrators is behind bars, while the other was found dead.
Could something like this happen to your business? Even though you’re not a huge telecom business trying to keep customers locked into your plan, there are many ways something similar could happen to any business. And there are clear steps you can take to prevent coordinated attacks like these.
1. Invest is a Secure Network
Invest in firewall and malware technologies. But this is just the start. Have systems in place to quickly identify malicious software or attempts to bypass security measures.
2. Limit Employee Access
Implement security measures that limit the number of employees who can perform various highly sensitive actions.
3. Deploy Monitoring Technology
Setup ongoing monitoring of employee activities to identify actions that are out of the ordinary. When possible, utilize advanced AI technology to learn and anticipate employee behaviors to quickly detect when something is amiss.
4. Vet Third-Party Software
5. Invest in Employee Education
Keep employees informed about ways that cybercriminals exploit the human side of security (suspicious emails, 3rd-party software, contact from those asking employees to break laws, etc.). Have a system for employees to report such attempts.
6. Be prepared to adapt
Criminals are constantly finding new ways to exploit vulnerabilities. As a business leader, you must place people around you who stay up-to-date as attack methods evolve and can quickly implement effective solutions to protect your company from data breaches.