AT&T employees took bribes to plant malware on the company's network

Discussion in 'other security issues & news' started by ZMsiXone, Aug 6, 2019.

  1. ZMsiXone

    ZMsiXone Registered Member

    Joined:
    Mar 30, 2017
    Posts:
    325
    Location:
    EUROPE/poland/germany
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    OK, so is this a surprise?

    These were probably not high-level professionals. But who knows?
     
  3. guest

    guest Guest

    not really, it is how industrial spying works too, bribing people. You have loads of cash, you will access any datas you need right from the source.
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    But these are likely relatively low-level people, right? I mean, is some engineer making $200K per year going to put their career at risk by accepting a $100K per year bribe? And that was the largest bribe -- less than $500K over five years. The rest were much less.
     
  5. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,288
    Maybe it's a "plata o plomo" kind of offer...
     
    Last edited: Aug 7, 2019
  6. guest

    guest Guest

    Of course low level people will be mostly the ones who will take the bribe.
    But threat actors don't need more, once in the network, they will climb the ladder and compromise high level employee's machines.

    Sometimes calling a low level employee with a strict speech and tone is enough to get its network account credentials.
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yeah, that was my thought too.

    Gotta restrict access to the minimum necessary to do the job. The NSA, for example, learned that with Snowden. Really, you'd think that they knew better, no?
     
  8. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,413
    Location:
    Triassic
    The right amount of money was enough for them to take the risk. They got caught and now it depends on the consequences they will face. The most obvious being that they are no longer employed and their prospects going forward will be limited. Lawyers do not come cheap and if convicted, the judge may order them to pay reparations - bye bye bribe money!!!

    Since they reported that it was bribes, that eliminates threats. Someone said, 'Everyone has their price'. Consider a high level employee in crippling debt or a low level employee behind on the rent. A large sum of money would be an incentive to either. Also consider a disgruntled high or low level employee wanting to get even - they get a pile of cash and the promise that the edifice will crumble.

    It is never worth the risk.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.