The Devil You Know: Responding to Interface-based Insider Attacks

by Ronald L. Mendell
Sept. 24, 2017 0 comments Symantec

Carl made a mistake. In his repetitious data entry job he entered employee information every workday. He always was careful to input the correct job requisition number in the user screen’s JRN field. “Without a correct JRN entered, the new employee input won’t process,” his supervisor told him the first day. This time instead of “34896KN” his fingers danced the wrong way with an input of “34896KL.” The input processed. Carl was able to go into the EMP_DATA file and correct it. The procedure was a bit of a pain, but he learned a valuable lesson his employer never meant for him to know. He realized he could set up bogus new employees on the payroll using a dummy JRN. By entering the wrong input he won the jackpot - his employer lost big time.

https://www.symantec.com/connect/articles/devil-you-know-responding-interface-based-insider-attacks