Lisa Bock discusses the disgruntled employee, which can pose a security risk to a company. Learn how potentially damaging a disgruntled employee can be by leaking company information, discouraging potential new hires, and stealing or damaging property. Watch as a disgruntled employee gives away the customer list to an unauthorized individual.
- [Voiceover] An employee becomes disgruntled…for a variety of reasons.…Once the rising star in an organization,…he or she may have lost favor over the years…by not keeping up with today's trends.…- Hey, did you see that Bob got…the direct marketing manager position?…- Yeah?…He's the new guy, right?…- Yeah, he's been here for like four months.…- Wow, climbing the corporate ladder two steps at a time.…
- Yeah, indeed.…- [Voiceover] Although they may have been a hard worker,…they may have been unappreciated, overworked,…underpaid, or passed up for a promotion.…Companies spend a great deal of money…focusing on external attacks,…yet fail to see the potential threat…inside the organization.…
(phone ringing)…- Hello.…- Yeah, hi, this is Eli calling from Litho Print.…Is this the direct marketing manager?…- What do you need?…- Great, yeah, we're running your next postcard campaign…and I need your client list.…- [Voiceover] A company may consider a client list…a trade secret, therefore kept out of the hands…of the competition.…
In this course, cybersecurity expert Lisa Bock discusses the methods a hacker might use, including embedding malicious links and attachments in emails and using mobile devices and social media to deploy an attack. She discusses the concept of "misuse of trust"—how hackers use charm, power, and influence to penetrate an organization—and why you need to be extra cautious with the disgruntled employee. Finally, Lisa discusses countermeasures security professionals can take to address these attacks.
Note: This course maps to the Social Engineering competency of the Certified Ethical Hacking exam. Review the exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Visualizing the victim
- Recognizing an attack
- Using charm, power, and influence
- Manipulating with social media
- Preventing insider attacks
- Stealing identities
- Pen testing with social engineering
- Taking countermeasures