Waste Management(US:WM) Xin Lang Cai Jing·2025-11-28 03:22Core Insights - The article highlights the increasing threat of insider attacks, particularly from disgruntled former employees, as exemplified by a case involving a former IT contractor who caused significant operational disruption to a large company after being terminated [1][7]. Group 1: Incident Overview - In May 2021, a former IT contractor, Maxwell Schultz, caused a direct loss of $862,000 (approximately 6.13 million RMB) to a major company by exploiting security vulnerabilities after his termination [1][6]. - Schultz was able to regain access to the company's internal network by impersonating another contractor and using his knowledge of the system [3][4]. Group 2: Attack Methodology - The attack was executed using a PowerShell script that reset passwords for approximately 2,500 accounts, leading to a complete shutdown of the company's operations [5][6]. - The incident resulted in all employees being locked out of their computers, halting all system-related operations and disrupting customer service [5][6]. Group 3: Financial Impact - The financial repercussions of the attack included costs from employee downtime, customer service disruptions, and the expenses associated with restoring the network and accounts [6]. - The total loss was attributed to three main factors: employee work stoppage, customer service system failure, and the labor costs for recovery efforts [6]. Group 4: Motivations and Trends - Schultz's motivation for the attack was simply retaliation for his termination, highlighting a growing trend of insider threats driven by personal grievances [7][8]. - Cybersecurity experts warn that such insider attacks are on the rise, particularly in industries that rely heavily on outsourced personnel with elevated access rights [7][8].