The Insider Threat: How Disgruntled Employees Can Cause Cybersecurity Risks

Cybersecurity risks both inside and outside are a significant concern to businesses. Disgruntled employees, who often have unsupervised access to company information and technology, can cause substantial damage to a business. These employees can damage a company’s reputation and interfere with its ability to function smoothly.

In the USA, employee errors are the primary cause of security risks to businesses. Most often, unintentional mistakes lead to massive losses and data breaches that cost companies thousands if not millions of dollars to rectify.

Security Violations Categories

88% of data breaches result from employee mistakes. They’re categorized broadly into two types:

Unintentional Violations

Unintentional risks occur from non-malicious errors like misconfigured firewalls or accidentally deleting data. In 2016, an attacker pretending to be CEO Evan Spiegel talked an employee into revealing the financial information of all current and former employees.

In another occurrence, in March 2016, a Federal Deposit Insurance Corp employee downloaded sensitive data to a personal storage device. Although the breach had little impact on the institution, it could have affected at least 44000 clients whose information was on the storage device.

Unintentional risks are the most common cause of security violations. Companies can avoid them by implementing better employee training programs.

Intentional Violations

Intentional breaches are caused by employees who “go rogue” and exploit security gaps to access or tamper with confidential information. Intentional wrongdoing can happen for a variety of reasons, including;

  • Theft,
  • Vandalism,
  • Sabotage, and
  • Espionage.

Many employees who engage in company malfeasance sometimes work with outsiders to steal or damage company property. Disgruntled employees have motives that range from revenge to financial gain, causing security risks that are sometimes impossible to predict. The most common examples of security risks from employees are;

  • The theft of company property,
  • Copying or tampering with confidential information,
  • Vandalism, and
  • Sabotage.

Theft can happen in many forms, such as theft of company property, stealing money, or taking credit for another employee’s work. Copying information can be done by accessing a computer, printing off files, taking pictures of documents or screenshots of computer screens. Tampering with data can be done by

  • Deleting files,
  • Infecting company systems with viruses or malware,
  • Tampering with logs,
  • Altering databases, and
  • Sabotaging hardware or software.

What Prompts Disgruntled Employees to Act Out?

There are various motives for disgruntled employees to act out and cause intentional harm. Common reasons include but are not limited to:

Financial Gain

Employees who work with outsiders can access or steal valuable trade secrets, financial data, and other confidential information. It is an attractive option for many because the payoff is usually much higher than their salary. However, in the end, the employer ends up losing everything when caught.

Compelled by Hacktivism

Hackers that go after companies might do so because the organization has information they think should be shared or does not align with their personal beliefs. In some cases, attackers want to spread awareness of particular issues and target businesses as a form of protest.


Vandals can cause significant damage to a business’s physical property or its online presence. Examples of vandalism include website defacement, denial-of-service attacks, and graffiti on company walls. Vandals typically attack for revenge because they disagree with a company’s policies or practices or simply for fun.


Outlaws sometimes attack to intimidate a company into complying with their demands. They may also try to intimidate a business into complying with entirely different laws. In newsworthy incidents of this type, attackers have demanded ransom from companies, sometimes threatening to release sensitive information if not paid.

Feeling They’re Unjustly Let Go

A disgruntled employee might feel wrongly terminated or mistreated, motivating them to retaliate against their employer or other employees. For instance, the former city of San Francisco network administrator, Terry Childs, believed that his termination was unfair.

He encrypted all the network’s passwords. He wanted to get even with the city for not recognizing his years of service and loyalty. He also felt that his supervisors were incompetent.

Is There a Solution to Corporate Data Breaches?

Companies can take several steps to prevent disgruntled employees from causing security risks like theft, vandalism, sabotage, and espionage. The solutions include:

Focusing on Employee Training

Cybersecurity training can help employees recognize and respond to suspicious activity such as phishing attacks. The training sessions help employees identify security risks in their day-to-day activities, such as connecting USB drives they find on the street into devices that store company information. The training also enables employees to understand the impacts of intentional data breaches.

Prioritizing Cybersecurity

Ponemon Institute published a report revealing that 66% of SMBs dealt with a cybersecurity attack in 2019. 76% of the survey’s participants have US-based businesses. Although some companies have streamlined their budgets to prioritize cybersecurity, many are still not doing the right things to protect themselves adequately.

For instance, one of the most common mistakes is not using multifactor authentication. Prioritizing cybersecurity can considerably lower the number of attacks currently experienced by businesses worldwide.

Understanding the Psychology of Human Errors

Almost every data breach results from human error-most often in the form of a phishing email. Hackers use social engineering to take advantage of people’s trust and empathy, making them open emails that include malicious attachments or click on links that lead to malware downloads. Training can help mitigate this risk by reducing an organization’s digital footprint exposed to cybercriminals.

Implementing Level Authorization

Level authorization is the practice of allowing certain employees to access specific parts of a system. For instance, a clerk might not need access to the production servers where customer information is stored. In addition, companies can limit what kind of files users can download from external devices by using file-level permissions.

Implementing Activity Monitoring

Monitoring employee activity can help detect suspicious activities related to data theft. For instance, if an employee is searching for jobs on company time, it might indicate they’re preparing to leave the company.

Companies can also monitor activity on devices connected to the network and review access logs to spot employees who attempt to access parts of the system they don’t typically use.

Monitoring employees can help companies detect potential threats and risks before anything happens. These measures give managers a chance to make changes or take action before an employee acts on their intentions. Employee monitoring also helps companies ensure they meet compliance requirements and spot suspicious behavior early.

Buying a Cyber Liability Insurance Policy

Companies can tighten their security by implementing a cyber-liability insurance policy to protect them from financial loss or legal penalties in the event of an attack. The policy can help protect the business from both internal and external risks.

Hire a Professional IT Support and Services Agency to Avoid Data Breaches

To mitigate the risk of disgruntled employees, companies should consult with a professional cybersecurity and resilience company. These experts can help identify existing vulnerabilities and implement suitable security measures to protect sensitive information.

The effort includes implementing an employee monitoring program that alerts managers about damaging activity. Technijian is a company that specializes in helping companies become more resilient and competitive.

Talk to us today to establish how we can help you avoid data breaches and other security threats from disgruntled workers.

Ravi JainAuthor posts

Technijian was founded in November of 2000 by Ravi Jain with the goal of providing technology support for small to midsize companies. As the company grew in size, it also expanded its services to address the growing needs of its loyal client base. From its humble beginnings as a one-man-IT-shop, Technijian now employs teams of support staff and engineers in domestic and international offices. Technijian’s US-based office provides the primary line of communication for customers, ensuring each customer enjoys the personalized service for which Technijian has become known.

No comment

Leave a Reply

Your email address will not be published. Required fields are marked *