A Senior Developer working mostly with PHP and JavaScript, with a bit of Python thrown in for good measure, all on Linux. My tooling is simple, it's GitLab and JetBrains where possible.
If users can do bad things, users will do bad things.
It's only a matter of time before someone does something they weren't supposed to, or which goes against the principles of the organisation (see theguardian.com/politics/2020/may/...)
People are often the weakest point in security.
If this was a social engineering or bribery for access attack, then there's only so much you can do from a technical point. If the attackers had someone on the inside, that's not much more different from the Cold War double-agent type intelligence officers.
People are greedy
It doesn't matter if they are complicit in the attack, or victims. If someone was bribed to help with the attack, they are greedy. If someone actually believed that they would double their money because some prominent figure "said they would", they are greedy. It's a very easy attack vector.
Smaller organisations are screwed when it comes to security
If the big players can't get it right, either through lax measures or not caring, then smaller organisations are always going to struggle with security. They can't afford to pay the salaries the big players can for the top talent
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
There's a few to take away that I can see:
If users can do bad things, users will do bad things.
It's only a matter of time before someone does something they weren't supposed to, or which goes against the principles of the organisation (see theguardian.com/politics/2020/may/...)
People are often the weakest point in security.
If this was a social engineering or bribery for access attack, then there's only so much you can do from a technical point. If the attackers had someone on the inside, that's not much more different from the Cold War double-agent type intelligence officers.
People are greedy
It doesn't matter if they are complicit in the attack, or victims. If someone was bribed to help with the attack, they are greedy. If someone actually believed that they would double their money because some prominent figure "said they would", they are greedy. It's a very easy attack vector.
Smaller organisations are screwed when it comes to security
If the big players can't get it right, either through lax measures or not caring, then smaller organisations are always going to struggle with security. They can't afford to pay the salaries the big players can for the top talent