Greed drives malevolent insider to steal former employer’s IP

创业投资 CSOONLINE (源链)
Thinkstock (Thinkstock)

We’ve written about the insider who wreaked havoc on a company after he resigned. We’ve also written about the executive who is recruited away by a competitor and is alleged to have taken his employers intellectual property (IP) with him on the way out the door.

But we haven’t discussed the former employee who resigns to create a company that competes against you and uses continued access to remain competitive — until now.

Jason Needham used to work at Allen & Hoshall, a design and engineering company located in Memphis, Tennessee. Needham resigned and co-founded a competing company, HNA-Engineering, but he didn’t leave Allen & Hoshall’s presence. No, he helped himself to the labors of his former employer, and he did it from afar.

According to the Department of Justice:

Needham admitted to repeatedly accessing, over a nearly two-year period, Allen & Hoshall’s servers to download digitally rendered engineering schematics and more than 100 PDF documents containing project proposals and budgetary documents.

Needham also admitted to accessing, on hundreds of occasions, the email account of a former colleague at Allen & Hoshall, which provided Needham access to the firm’s marketing plans, project proposals, company fee structures and the rotating account credentials for the company’s internal document-sharing system.

Needham used his unauthorized access to view, download and copy proprietary business information worth over $500,000.

That’s a mouthful. According to court documents, Needham left Allen & Hoshall in 2013 and co-founded HNA Engineering (HNA) in Arlington, Tennessee. The GovTribe listing for HNA identifies Needham as the point of contact for “government business.” It’s important to note from the outset, that Needham’s business partner at HNA warned Needham against taking these actions.

Needham had normal, authorized access to Allen & Hoshall’s FTP servers during his period of employment. When he left Allen & Hoshall, his access credentials were revoked and terminated (2013). It is not explained in the court documents how, with his access credentials revoked, Needham managed to continually access the FTP servers from 2014 to 2016. According to Allen & Hoshall, those who had access were limited to people within Allen & Hoshall who had a need to know and the client. What is known is Needham downloaded a boatload of data (as detailed above).

Needham also accessed the email of a former Allen & Hoshall colleague. Again, the court documents do not reveal how Needham came to have the log-in credentials for the employee’s email. What is known is that via this individual’s email account, Needham had access to the business side of Allen & Hoshall (as detailed above).

Strong off-boarding process needed

What could Allen & Hoshall have done better during the off-boarding of Needham to obviate the risk of his access? The court documents show us that Allen & Hoshall changed their FTP password credentials and that the defendant circumvented the change. One may speculate this access was made possible through his having compromised the email of his former colleague.

We don’t know if Allen & Hoshall had data loss protection technologies in place that would have highlighted Needham’s IP address as both unexpected and unauthorized. We do know that when the IP logs were inspected, Needham’s IP address was noted as having accessed the email of his former colleague, thus there were logs present.

If the FTP servers and email access required multifactor authentication, would Needham been thwarted? And though malevolent in intent, would he have been denied access from the outset?

The bottom line: Your trusted insider is trustworthy — until they aren’t. When an employee leaves, make sure the off-boarding process is comprehensive. And let colleagues and customers know the employee has departed and that access control lists are being adjusted and credentials reissued. Greed is a primary motivator for individuals to bend the rules and purloin the IP of others for their own benefit

And yes, Needham was sentenced to 18 months in prison, with two years of supervised release, and ordered to repay Allen & Hoshall $173,393.71.


Christopher Burgess is an advocate for effective security strategies, be they at the office or home for you and your family. Christopher, served 30+ years within the Central Intelligence Agency. He co-authored the book Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century .


New! Download the State of Cybercrime 2017 report

You Might Like


诺奖揭晓 果蝇助获奖科学家揭人体生物钟的分子机制... 网易科技讯10月2日消息,2017年诺贝尔生理学或医学奖授予三名美国科学家迈克尔·杨(Michael W Young)、杰弗理·霍尔(Jeffrey C Hall)、迈克尔·罗斯巴希(Michael Rosbash),以表彰他们在研究生物钟运行的分子机制方面...
LeaveLogic parental leave management platform acqu... LeaveLogic CEO Anna Steffeney. Unum , a Chattanooga, Tenn.-based provider of employee benefits solutions, has acquired LeaveLogic...
Suncorp to push pause on core banking migration Waits on system enhancements from Oracle. Suncorp's banking arm is continuing to work on shifting to its new Oracle core banking platform, but the c...
Fast Pass: Your Ultimate Guide to the Best of Jenk... At the end of the month, Jenkins users and DevOps professionals from around the world will head to San Francisco for the annual Jenkins World confere...
Sabre宣布裁员900,过去3年员工增幅超30%... 【环球旅讯】(本文编译自Tnooz)美国旅游技术服务商Sabre近日宣布裁员,将在现有1万个职位中削减约900个,裁减幅度达到9%。该公告是Sabre对新加坡海峡时报的媒体咨询所做出的回应。 公告称:“自2014年我们上市以来,Sabre一直保持增长和扩张,我们提升了收入,实施战略收购,增加了...
CSOONLINE责编内容来自:CSOONLINE (源链) | 更多关于

本站遵循[CC BY-NC-SA 4.0]。如您有版权、意见投诉等问题,请通过eMail联系我们处理。
酷辣虫 » Greed drives malevolent insider to steal former employer’s IP

专业 x 专注 x 聚合 x 分享 CC BY-NC-SA 4.0

使用声明 | 英豪名录