Re: [fw-wiz] Firewalls and 802.1q trunking

From: Brian Ford (brford@cisco.com)
Date: 12/15/02


To: firewall-wizards@honor.icsalabs.com
From: Brian Ford <brford@cisco.com>
Date: Sun Dec 15 18:21:18 2002

Mike, et al.;

The problem keeps on coming back to finding the person to grab by the collar.

Take a look at the recent case of Phillip Cumming, a former employee of
Teledata Communications on Long Island, New York. Teledata produces,
sells, and supports software that is used in conjunction with an account at
one of the major credit reporting agencies in order to manage credit
information. Teledata (TCI) is not a credit reporting agency themselves.

http://www.newsday.com/business/ny-bzside1126,0,1581798.story?coll=ny-business-headlines

and

http://www.tcicredit.com/news.htm

Cummings is alleged to have sold the software and more importantly access
via account IDs and passwords that he fraudulently obtained based on his
employment and role at Teledata; to individuals involved in a separate
credit / identity theft scheme. He is supposed to have received upwards of
$60 per report. He is supposed to have supplied an untold number of these
reports that was estimated in the press in the tens of thousands.

So in this case the person who was arrested worked for a software company
independent of the credit agencies. He should have had no access to credit
data. He exploited whom he worked for in order to gain information from
legitimate users of the credit data, and then passed along details of their
accounts.

So if you are a credit reporting agency you are getting slammed here, and
for what? Because someone who worked for a third party software supplier
is supposed to have stolen and sold his employer's software, and
additionally gained access to account information he (again allegedly)
illegally received from folks who are supposedly credit agency
customers. This employee abused a trust relationship with his employer to
gain access to the software and to his employer's customers to gain access
to accounts.

Inside knowledge and access remains a huge and difficult to quantify problem.

Liberty for All,

Brian

At 10:46 AM 12/15/2002 -0500, firewall-wizards-request@honor.icsalabs.com
wrote:

>Message: 2
>Date: Sat, 14 Dec 2002 13:57:53 -0800 (PST)
>From: Mike Hoskins <mike@adept.org>
>To: firewall-wizards@honor.icsalabs.com
>Subject: Re: [fw-wiz] Firewalls and 802.1q trunking
>
>From: t <miedaner@twcny.rr.com>
> > I like to say you that I can grab an employee by the collar and make him
> > stop what he is doing or prosecute.
>
>How about disgruntled employees with inside knowledge? I don't like
>some of the hype surrounding many Internet-related statistics (they're
>generally made up to sell the product at hand), but you should also never
>get in the habit of dismissing potential threats. Trust no one. Also,
>it's typically cheaper to prepare than to deal with the mess after the
>fact (and explain potential downtime or data loss to clients).
>
>"Marcus J. Ranum" wrote:
> > The "80% of attacks come from the inside" statistic that
> > has been broadly quoted by INFOSEC practitioners is, as far
> > as I can tell, completely made up. In fact, the shocking
> > results of a recent study revealed that 99.5% of statistics
> > regarding Internet Security are made up, or otherwise based
> > on flawed assumptions.*
>
>99.5% of statistics are made up. That's the game statisticians (get paid
>to) play. ;)
>
>In general, if you just go around grabbing statistics without any attempt
>to verify data yourself or apply the results of the lated studies to your
>specific installation, needs, etc... You'll waste a lot of money and end
>up with a security infrastructure that looks something like Swiss cheese.
>If you're a security person, you're tasked with asset identification, risk
>analysis, etc. Don't trust other people to do your work for you... That
>goes for most things in life.
>
>--
>Mike Hoskins
>mike@adept.org
>This message is RFC 1855 compliant,
>www.adept.org/pub/rfcs/rfc1855.html
