By John L. Guerra
GRC & Fraud Software Journal
Another former IT worker is headed to prison for sabotaging his ex-employer’s computer networks, reminding companies the risk disgruntled employees can pose to their systems.
Anastasio N. Laoutaris has been sentenced to more than nine years in prison and fined $1.7 million for attacking his former employer’s computer system in 2011.
Laoutaris, 41, worked as an IT engineer for a Dallas law firm. Several months after he stopped working at the firm, Laoutaris accessed the systems and caused damage, “deleting or disabling hundreds of user accounts, desktop and laptop accounts, and user email accounts.”
Dark Reading reports that the IT engineer hacked former employer Locke Lord LLP’s networks and issued commands that deleted or disabled hundreds of user accounts, desktop and laptop accounts, and user e-mail accounts.
Jake Williams, a SANS Institute course author and founder of Rendition InfoSec, has warned companies before that disgruntled former IT employees pose security risks.
“Failure to terminate access during employee separation continues to be a weakness at many organizations,” Williams says. “Just having a policy is not enough. Organizations should ensure that supervisors at every level know that it is their responsibility to notify IT to suspend access for separated employees as soon as possible.”