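Laid Off at 31, Programmer Angrily Hacks Former Employer: "One-Click Reset" of 2,500 Accounts Instantly Halts Nationwide Operations, Losses of 6+ Million RMB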

Core Insights

- The article highlights the increasing threat of insider attacks, particularly from disgruntled former employees or contractors, as exemplified by the case of Maxwell Schultz, who caused significant operational disruption to a major company after being terminated [1][7].

Group 1: Incident Overview

- In May 2021, a major company in the U.S. experienced a cyber attack that resulted in a direct loss of $862,000 (approximately 6.13 million RMB) due to an internal employee's actions [1][4].
- The attacker, Maxwell Schultz, was a former IT contractor who exploited weaknesses in the company's access control processes to regain entry into the internal network [2][3].

Group 2: Attack Methodology

- Schultz utilized his knowledge of the internal system to impersonate another contractor and obtained new login credentials, allowing him to access the company's network [2].
- He executed a PowerShell script that reset passwords for approximately 2,500 accounts, leading to a complete operational halt across the company [3][4].

Group 3: Consequences of the Attack

- The attack resulted in widespread employee downtime, as thousands were unable to log into their computers, leading to significant payroll costs without productivity [4][5].
- The customer service system was severely impacted, as it relied heavily on internal systems that became inaccessible due to the password resets [6].
- Recovery efforts incurred substantial costs, including the need for IT teams to restore accounts and investigate the breach, which could take days or weeks [6][7].

Group 4: Broader Implications

- The incident underscores a growing trend of insider threats, particularly in industries that rely on outsourced labor with elevated access privileges [7].
- Companies often focus on technical defenses like firewalls and intrusion detection but may neglect the human element, especially concerning former employees with insider knowledge [7][8].
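The scripted reset of roughly 2,500 accounts described under Attack Methodology leaves a distinctive trail: one identity resetting many different accounts in a short span. The following detection sketch is an added example, not taken from the article or the affected company. It counts Windows Security Event ID 4724 ("An attempt was made to reset an account's password") per actor in a sliding window; the account names, the exact timestamps, the 5-minute window and the threshold of 25 are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

PASSWORD_RESET_ATTEMPT = 4724  # Windows Security event: password reset attempt


def make_sample():
    """Constructed sample of (timestamp, event_id, actor, target) records."""
    base = datetime(2021, 5, 14, 9, 0, 0)  # constructed date and time
    events = [
        # Normal helpdesk activity: two resets, twenty minutes apart.
        (base, 4724, "helpdesk01", "alice"),
        (base + timedelta(minutes=20), 4724, "helpdesk01", "bob"),
        # Unrelated logon event that the detector must ignore.
        (base + timedelta(hours=1, seconds=5), 4624, "contractor-x", "contractor-x"),
    ]
    # Scripted burst: one actor resets 40 distinct accounts, one every 2 seconds.
    events += [
        (base + timedelta(hours=1, seconds=2 * i), 4724, "contractor-x", f"user{i:04d}")
        for i in range(40)
    ]
    return events


def detect_bulk_resets(events, window=timedelta(minutes=5), threshold=25):
    """Return {actor: (first_alert_time, distinct_targets)} for every actor that
    resets at least `threshold` distinct accounts within `window`."""
    recent = defaultdict(deque)  # actor -> (timestamp, target) pairs still in window
    alerts = {}
    for ts, event_id, actor, target in sorted(events):
        if event_id != PASSWORD_RESET_ATTEMPT:
            continue
        queue = recent[actor]
        queue.append((ts, target))
        # Drop resets that have aged out of the sliding window.
        while ts - queue[0][0] > window:
            queue.popleft()
        distinct = {t for _, t in queue}
        # Record only the first time an actor crosses the threshold.
        if len(distinct) >= threshold and actor not in alerts:
            alerts[actor] = (ts, len(distinct))
    return alerts


if __name__ == "__main__":
    for actor, (when, count) in detect_bulk_resets(make_sample()).items():
        print(f"ALERT {when.isoformat()} {actor} reset {count} accounts within window")
```

Counting distinct targets rather than raw events keeps repeated resets of a single account from triggering the alert, and the threshold should be tuned against the helpdesk's normal reset volume.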