Subscribe to the "Super Villain of the Digital World?" web feed.Subscription options
Excerpt from:  ITIL
.
July 21, 2008

Super Villain of the Digital World?

San Francisco network sabotage leaves administrators feeling helpless

Hancock mirrors IT sabotage as super villainIt's still "dark" within the city of San Francisco's network and IT organization after it was determined one of its own network administrators went rogue and changed passwords and allegedly enabled lock-out code preventing any others from accessing the key components. He is still holding the master password for ransom.

According to Insider Threat Research from CERT there most likely would have been pre-cursory warning signs:

Summary of Observations made within a study conducted by CERT, US Secret Service and the National Threat Assessment Center

- 90% of Insiders were granted system administrator or privileged system access when hired by the organization

- 57% of Insiders were perceived as being disgruntled due to unmet expectations

- 92% of Insiders attacked following a negative work-related situation such as termination, dispute with employer, demotion or transfer

- 87% of Insiders performed technical precursors prior to the attack that were undetected by the organization

- 75% of Insiders created access paths unknown to the organization, 57% did not have authorized system access at the time of the attack

- 93% of Insiders exploited insufficient access controls

This should be chapter one in the "Worst Case Scenario" book for CIOs and corporate boards.

Ensure that controls are in place to allow IT administrators (role) to perform their duties (responsibilities) within their job function and scope (segmentation). However monitor, track and alert on all password changes to ensure that the keys to the digital foundation of your organization are not enabling IT Sabotage and or malicious hi-jinks.

This type of drama is unfolding like a comic book, similar to the Marvel comic character Rogue, who at times is good, at times is evil but shares one trait with today's Digital Super Villain - the ability to absorb the powers of others. This could even be exemplifed by the modern day boxoffice thriller Hancock

Bottom line: Don't let your controls only be policies on paper. Make sure you have the power of enforcement!

Kim Singletary
Director of Embedded Solutions
ksingletary@solidcore.com

Rajesh Rajamani
Product Manager
raj@solidcore.com

.
PermalinkSan Francisco Network Hijack
.ChannelWeb news story on the San Francisco network lock-out
.http://www.crn.com/security/209101383?cid=ChannelWebBreakingNews
.
PermalinkCERT Research on Insider Threat
.Insider threat research from CERT
.http://www.cert.org/insider_threat/
.
PermalinkHancock
.Sony pictures Hancock page
.http://www.sonypictures.com/movies/hancock/
Topic Tags:  , , ,
by tthompson | ↑top | link to this#
Syndication OptionsRSS (Rich Site Summary) Feed Atom Feed OPML (Outline Processor Language) Feed MYST-ML (MyST Markup Language) Content Feed MS-Office Smart Tag Subscription