Beware the "Island Hopping" Hacker

[William Knowles <wk () C4I ORG>]

http://www.businessweek.com/bwdaily/dnflash/june2000/nf00606g.htm

The technique of entering a closed network through a remote link poses
more of a threat as companies expand their connections

France -- the land of the Eiffel Tower and foie gras -- is also a
favorite destination for hackers on virtual journeys. Likewise, Poland
is a big draw for malicious cypherpunks. Is kielbasa the lure? Hardly.
The governments of France and Poland have steadfastly refused to allow
businesses or colleges and universities to use strong encryption
technologies to guard the content and traffic on their computer
systems.

By limiting institutions to only 56-bit encryption (as opposed to the
far stronger 64-bit methods), Poland and France tempt hackers. "If a
giant telecom company has an office in France configured to have equal
access to all the other country offices on their computer network,
that's an easier target," says Samir Kapuria, a senior security
architect at Cambridge (Mass.) security company @stake
(www.atstake.com).

> From a breach in the system in a Warsaw or Paris office, a hacker
could easily work his or her way through the company's proprietary
communication network back to headquarters in New York. But that's
only the final leg of the journey. Before hackers even attempt to
compromise the company's system in Warsaw or Paris, they would likely
have traveled through 5 or 10 other computer systems belonging either
to trusted customers, partners, or just individuals.

[...]


*-------------------------------------------------*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen. Alfred. M. Gray, USMC
---------------------------------------------------
C4I Secure Solutions             http://www.c4i.org
*-------------------------------------------------*

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".