整理 | 苏宓 出品 | CSDN（ID：CSDNnews） 近年来，员工因为各种原因"报复公司"的事情屡见不鲜，有的删库跑路，有的偷偷改权限，还有的干脆在代码中"投毒"。即便诸多公司严格执 行"最小权限"原则，有时候仍是防不胜防。 如今，就连网络安全界巨头 CrowdStrike 也没能幸免。要知道平日里，CrowdStrike 可是保护着数百家企业免受黑客攻击，入侵检测、威胁情 报样样齐全。 可就是在这些严密的系统背后，一名员工悄悄把内部系统电脑的屏幕截图交给了黑客，还收了 25,000 美元"报酬"，导致这家以安全性闻名的公 司 在了自家员工身上摔了跟头。 针对这件事，CrowdStrike 已经证实事件属实，并对该员工进行了解雇，同时正在追究后续责任。 乍一看，完全像是一次成功的入侵现场。 对此，黑客们自己的说法是，这些截图证明了他们利用第三方供应商 Gainsight（通常用于客户管理）渗透进入了 CrowdStrike 内部系统，也 把这次包装成了又一次成功的供应链攻击事件。 " 黑客攻击 " 演变为 " 内鬼泄密 " 事件 要论事情究竟是为何以及如何发生的，一切的根源还要从上周四谈起。当时一个名 ...

Core Insights - The incident involving CrowdStrike highlights the growing threat of insider attacks, where employees betray their companies for financial gain [1][15][18] - Despite the breach, CrowdStrike's security systems effectively prevented unauthorized access to customer data, indicating the robustness of their defenses [12][13] Group 1: Incident Overview - An employee at CrowdStrike leaked internal screenshots to hackers in exchange for $25,000, compromising sensitive information [1][11] - The hacker group Scattered Lapsus$ Hunters claimed responsibility for the breach, asserting they accessed CrowdStrike's internal systems through a third-party vendor [3][7] - The leaked screenshots included access to CrowdStrike's internal dashboard and Okta single sign-on (SSO) links, raising concerns about the security of their systems [5][6] Group 2: Response and Consequences - CrowdStrike confirmed the incident, terminated the employee involved, and is cooperating with law enforcement for further investigation [1][12] - The company detected unusual behavior during an internal investigation, leading to the identification of the employee's actions [10][12] - Although sensitive information was leaked, CrowdStrike's systems remained secure, and customer data was not compromised [12][13] Group 3: Industry Implications - The incident serves as a wake-up call for the cybersecurity industry, emphasizing the difficulty of preventing insider threats [15][18] - Experts suggest implementing layered defense strategies, including behavior analysis tools and strict access controls, to mitigate insider risks [19][18] - The need for comprehensive policies and background checks during hiring processes is highlighted to address the human element of security [19][18]