113
Developer sabotaged ex-employer with kill switch that activated when he was let go
(go.theregister.com)
this post was submitted on 08 Mar 2025
113 points (100.0% liked)
Pulse of Truth
837 readers
20 users here now
Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).
This community is automagically fed by an instance of Dittybopper.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If this dev had this much access and his work didn't do any sort of code review, I don't understand how their CSOC or ISO isn't on trial along with him.
This is terrible OpSec.
In order for me to create an IAM role, I have to have two different people to approve it, along with the access control team, along with a change review on what the role does and how it will authenticate.
Dev teams cannot access production. Prod teams cannot access code directly. Only machine roles can access databases directly.
We have so many checks and balances that it's amazing we get anything done.
I work in a high security industry. You'd be amazed at what you can do if you are willing to ignore the process. Our real defense against insider threats is attribution, law enforcement, and incident recovery. By the sounds of it, that is exactly what happened.
I’m guessing it was a small company and/or super legacy systems and processes. I didn’t read the article.