Gongol.com Archives: June 2024

Brian Gongol


June 18, 2024

Threats and Hazards A dirty dozen

Fake working caught up with more than a dozen employees of Wells Fargo, who were fired for "simulating" activity on their computers in order to look like they were working when they were not. It's the kind of situation that isn't exactly new in its own right, but is much more widespread now that working from home -- at least in a hybrid format -- is now a post-pandemic normal in many companies, both large and small. ■ "Many foxes grow grey, but few grow good", wrote Benjamin Franklin in 1749. That was a long time before anyone worked from a laptop at home, but deception and laziness were nothing new even then. ■ It's possible to have substantial unease about an employer using panopticon-like tricks to watch their employees, while also having contempt for those who would take a paycheck in exchange for the mere illusion of activity. Two things can be bad at the same time. Bossware is creepy and cheating is wrong; both/and, not either/or. ■ There is a good chance, though, that the problem had even more to do with the particular tools being used to simulate activity -- Amazon is happy to sell the would-be un-worker a mouse jiggler for as little as $5.09. ■ But what else is that USB-enabled device capable of carrying? The very same kind of company that would openly sell a device for someone who would cheat for a paycheck is most certainly also the kind of company that might well be open to delivering a malicious payload onto the customer's (work) computer. ■ This is how black-hat hacking happens: Get people to insert dodgy USB devices in their computers without considering the consequences of the hidden payloads that might be on board. If a device is capable of standing in for your keyboard or your mouse, it's certainly also capable of being turned into a keystroke logger, in the perfect spot to record passwords, proprietary information, and other things that insiders shouldn't be giving away. ■ It's easy to make the story about lazy workers or Big Brother at the office. But it's an opening to much more than that: Everyone has a role to play in cybersecurity, and the Wells Fargo incident makes for a very good time to shine a light on that fact.


@briangongolbot on Twitter