Disaster Preparedness Blog

Entries in Computer Security (3)

Monday
Nov 10, 2008

United States Computer Systems Under Attack, IT Security Lacking



White House emails and networks were infiltrated, and President-elect Obama's and Senator McCain's computers were attacked and infiltrated at least once during the summer.

The Chinese have been accused and caught spying on the United States since the early Clinton administration, though nothing has really been done about it.

Little action has been taken to secure the systems or guard information from them, and they are still vulnerable.

The scary part is apparently the ease with which they were allegedly able to penetrate the systems. This should be a warning to any future candidates running for the office of the President of the United States, and to any other people in the Government.

It was recently announced that the World Bank was also hacked, apparently numerous times.

Too many company and government systems holding sensitive data are unnecessarily vulnerable to outside attack. Placing this data on vulnerable and accessible networks is like leaving the door to the candy store wide open.

Recently, Michael Horowitz had a post on his Defensive Computing blog titled "Some Computers Are Too Important To Be Networked". I highly suggest you read it, and apply its lessons to your computer security plans. It is a short post and well worth reading.

An earlier post I had on this can be found here: Obama and McCain Computers Hacked Over The Summer.

Source 1
Source 2
Source 3
Source 4 U.S Treasury Hacked
Source 5 World Bank Hacked
Source 6

Tuesday
Jul 22, 2008

UPDATE: On Rogue IT Admin In San Francisco

The story has of course received a large amount of coverage and apparently one of the writers over at InfoWorld has been given more on the story by an insider.

I am not going to post the story on my blog word for word but rather provide a link back to the story at InfoWorld. I think it is a worthwhile read, especially if you are an IT manager or in upper management where you work. It is also an important lesson for admins.

Paul Venezia does an excellent job with the story and I prefer you read it directly from him, since the source contacted him with the information provided. Paul, thanks for the coverage.

Please read the full story here: InfoWorld, Why San Francisco's network admin went rogue.


Tuesday
Jul 15, 2008

IT Administrator In San Francisco Locks System, Refuses To Give Password

In San Francisco, an IT administrator was arrested after locking other administrators out of the system and refusing to give up the password.

The employee, 43-year-old Terry Childs, was arrested Sunday. He gave some passwords to police, which did not work, and refused to reveal the real code.

The system in question is a multi-million dollar computer system for San Francisco that handles sensitive data such as city payroll files, jail bookings, law enforcement documents, and official e-mail for San Francisco.

While the network is currently functioning, administrators have little to no access to the system.

There are those out there who would argue with me (since we have before), but many would agree that this is a Computer Security and Business Continuity issue.

Computer Security 101: no one person should be able to access the system the way Terry Childs did and lock out other administrators to the degree that he has done.

I am not going to take a deep dive into computer security here now, but I urge all IT security departments to review their policies, especially those concerning the sharing of passwords. Review permissions policies, and look at the scenario: can any one person in my IT department deny global access or lock up my system? Go here for more on Computer Security. Childs created a password that granted him exclusive access to the system.

Though no reason for the malicious insider attack on the system has yet been established, it has been reported that Mr. Terry Childs was cited recently for poor performance.

Even though the system is up and running, he could have just as easily brought down part of, if not the entire, network, and it is being estimated that the cost to repair the damage will be several million dollars.

In this day and age, insider threat is very real, and your business continuity plan and security policies should account for the possibility of a rogue IT administrator.

For more on this story please see the sources below.

Source 1
Source 2