Firewall Wizards mailing list archives
Re: Firewalls and 802.1q trunking
From: Brian Ford <brford () cisco com>
Date: Sun, 15 Dec 2002 16:16:10 -0500
Mike, et. al.; The problem keeps on coming back to finding the person to grab by the collar.Take a look at the recent case of Phillip Cumming, a former employee of Teledata Communciations on Long Island, New York. Teledata produces, sells, and supports software that is used in conjunction with an account at one of the major credit reporting agencies in order to manage credit information. Teledata (TCI) is not a credit reporting agency themselves.
http://www.newsday.com/business/ny-bzside1126,0,1581798.story?coll=ny-business-headlines and http://www.tcicredit.com/news.htmCummings is alleged to have sold the software and more importantly access via account IDs and passwords that he fraudulently obtained based on his employment and role at Teledata; to individuals involved in a separate credit / identity theft scheme. He is supposed to have received upwards of $60 per report. He is supposed to have supplied an untold number of these reports that was estimated in the press in the tens of thousands.
So in this case the person who was arrested worked for a software company independent of the credit agencies. He should have had no access to credit data. He exploited whom he worked for in order to gain information from legitimate users of the credit data, and then passed along details of their accounts.
So if you are a credit reporting agency you are getting slammed here and for what. Because someone who worked for a third party software supplier is supposed to have stolen and sold his employers software; and additionally gained access to account information he (again allegedly) illegally received from folks who are supposedly credit agency customers. This employee abused a trust relationship with his employer to gain access to the software and to his employers customers to gain access to accounts.
Inside knowledge and access remains a huge and difficult to quantify problem. Liberty for All, BrianAt 10:46 AM 12/15/2002 -0500, firewall-wizards-request () honor icsalabs com wrote:
Message: 2 Date: Sat, 14 Dec 2002 13:57:53 -0800 (PST) From: Mike Hoskins <mike () adept org> To: firewall-wizards () honor icsalabs com Subject: Re: [fw-wiz] Firewalls and 802.1q trunking From: t <miedaner () twcny rr com> > I like to say you that I can grab an employee by the collar and make him > stop what he is doing or prosecute. How about disgruntled employees with inside knowledge? I don't like some of the hype surrounding many Internet-related statistics (they're generally made up to sell the product at hand), but you should also never get in the habit of dismissing potential threats. Trust noone. Also, it's typically cheaper to prepare than to deal with the mess after the fact (and explain potential downtime or data loss to clients). "Marcus J. Ranum" wrote: > The "80% of attacks come from the inside" statistic that > has been broadly quoted by INFOSEC practitioners is, as far > as I can tell, completely made up. In fact, the shocking > results of a recent study revealed that 99.5% of statistics > regarding Internet Security are made up, or otherwise based > on flawed assumptions.* 99.5% of statistics are made up. That's the game statisticians (get paid to) play. ;) In general, if you just go around grabbing statistics without any attempt to verify data yourself or apply the results of the lated studies to your specific installation, needs, etc... You'll waste a lot of money and end up with a security infrastructure that looks something like swiss cheese. If you're a security person, you're tasked with asset identification, risk analysis, etc. Don't trust other people to do your work for you... That goes for most things in life. -- Mike Hoskins This message is RFC 1855 compliant, mike () adept org www.adept.org/pub/rfcs/rfc1855.html
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Firewalls and 802.1q trunking, (continued)
- Re: Firewalls and 802.1q trunking Steffen Kluge (Dec 04)
- RE: Firewalls and 802.1q trunking Steve Evans (Dec 10)
- RE: Firewalls and 802.1q trunking Marcus J. Ranum (Dec 11)
- Re: Firewalls and 802.1q trunking Dragos Ruiu (Dec 12)
- RE: Firewalls and 802.1q trunking Bill Royds (Dec 13)
- Re: Firewalls and 802.1q trunking t (Dec 13)
- Re: Firewalls and 802.1q trunking Dragos Ruiu (Dec 12)
- RE: Firewalls and 802.1q trunking Sloane, David (Dec 11)
- RE: Firewalls and 802.1q trunking Marcus J. Ranum (Dec 12)
- RE: Firewalls and 802.1q trunking R. DuFresne (Dec 13)
- RE: Firewalls and 802.1q trunking Marcus J. Ranum (Dec 12)
- Re: Firewalls and 802.1q trunking Mike Hoskins (Dec 14)
- Re: Firewalls and 802.1q trunking Brian Ford (Dec 15)