The Great Resignation could lead to a great deal of employee theft, expert warns - pointing to recent heist

Image / Getty Creative

The "Great Resignation" wave could lead to a great deal of theft by disgruntled ex-employees at New Zealand companies of all sizes, security expert Shane Day warns.

The pandemic has seen a wave of people quitting their jobs in the US and other countries as they feel disconnected and demoralised during endless cycles of lockdowns - and relatively buoyant job markets give them plenty of options to go elsewhere.

A recent AUT survey found "Great Resignation" sentiment has been building in New Zealand over the past 18 months, too.

Day says the wave of people quitting their jobs will include ranks of disgruntled employees, and he warns that firms that fail to immediately disable their former employees' computer access run the risk of malicious "revenge" attacks on their systems, potentially costing thousands – or millions – of dollars to fix.

As Exhibit A, Day points to a recent incident involving Cromwell-based Summerland Express Freight had been ripped off by ex-employee Ross John Murdoch.

After leaving Summerland, Murdoch used an unauthorised logon to access the firm's computer systems, the Otago Daily Times reported in June.

The 31-year-old Moa Creek man then used the company's vehicle tracking system to locate a truck called the Green Goddess and steal $10,000 worth of cigarettes.

Summerland Express Freight general manager Grant Lowe told the court that he would have taken a bullet for Murdoch.

He was shocked by the betrayal.

"Sometimes the person you'd take a bullet for is the person behind the trigger," the trucking boss said in his victim impact statement.

Day told the Herald that while Lowe's faith in his ex-staffer was admirable, Murdoch's durrie heist illustrated that tight systems and procedures were needed around all departing employees.

And while Murdoch hijacked ciggies, hijacking data was more common - and intellectual property theft could be costlier.

"This is a problem common to businesses of all sizes, and even governments," said Day, chief technology officer at Unify Solutions, which provides access, security and governance solutions.

"Unfortunately, many businesses find out the hard way that not all employees have those good intentions, particularly when they are leaving the company."

The GCSB's National Cyber Security Centre (NCSC) recommends that to limit the potential damage inflicted by those without good intentions, businesses should ensure they know exactly who can access information and limit access to information on a "need to know" basis.

The average cost to businesses who experienced a cyber attack was $159,000, according to the results of the HP New Zealand IT Security Survey of more than 500 small/medium businesses across New Zealand, released last week. The report identified employee carelessness as one of the top three greatest security threats.

"Information security is about ensuring information is both available to those who need it, and not available to those that don't," Day says.

The Government's Computer Emergency Response Team (Cert NZ) recommends that organisations follow the "principle of least privilege" meaning staff only have the access to computer systems that they need to do their job.

Cert recommends organisations keep a real-time list of which employees have access to a system, and at what privilege level - and more so when staff are scattered to home office - and to adjust it every time someone departs.