Waste Management(US:WM) 猿大侠·2025-11-22 04:12Core Viewpoint - The article highlights the increasing threat of insider attacks, particularly from disgruntled former employees or contractors, as exemplified by the case of Maxwell Schultz, who caused significant financial damage to a large company after being terminated [1][11]. Group 1: Incident Overview - In May 2021, a major company in the U.S. experienced a cyber attack that resulted in a direct loss of $862,000 (approximately 6.13 million RMB) due to an insider threat [1][9]. - The perpetrator, Maxwell Schultz, was a former IT contractor who exploited weaknesses in the company's access control systems to regain entry into the network [4][5]. Group 2: Attack Methodology - After being terminated, Schultz used his knowledge of the internal system to impersonate another contractor and obtained new login credentials [6]. - He executed a PowerShell script that reset passwords for approximately 2,500 accounts, leading to a complete shutdown of the company's operations [8][9]. Group 3: Consequences of the Attack - The attack resulted in thousands of employees being unable to log in, halting all system-related operations while the company continued to incur payroll costs [10]. - The customer service system was paralyzed, as it relied heavily on internal processing systems, leading to service interruptions [10]. - The recovery process involved significant labor costs for IT teams, requiring days or even weeks of overtime to restore normal operations [10]. Group 4: Motivations and Broader Implications - Schultz's motivation was simply retaliation for his termination, highlighting the potential for emotional responses to lead to severe consequences in cybersecurity [11][12]. - The article emphasizes the growing trend of insider threats, particularly in industries that rely heavily on outsourced personnel with elevated access rights [11].