Return-Path: <sentto-279987-3793-1005091871-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Tue, 06 Nov 2001 16:12:09 -0800 (PST)
Received: (qmail 22021 invoked by uid 510); 7 Nov 2001 00:10:13 -0000
Received: from n21.groups.yahoo.com (216.115.96.71) by 204.181.12.215 with SMTP; 7 Nov 2001 00:10:13 -0000
X-eGroups-Return: sentto-279987-3793-1005091871-fc=all.net@returns.groups.yahoo.com
Received: from [10.1.4.56] by n21.groups.yahoo.com with NNFMP; 07 Nov 2001 00:09:05 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_0_1); 7 Nov 2001 00:11:11 -0000
Received: (qmail 82557 invoked from network); 7 Nov 2001 00:11:11 -0000
Received: from unknown (216.115.97.171) by m12.grp.snv.yahoo.com with QMQP; 7 Nov 2001 00:11:11 -0000
Received: from unknown (HELO red.all.net) (65.0.156.78) by mta3.grp.snv.yahoo.com with SMTP; 7 Nov 2001 00:11:09 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id fA70BDv17887 for iwar@onelist.com; Tue, 6 Nov 2001 16:11:13 -0800
Message-Id: <200111070011.fA70BDv17887@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Tue, 6 Nov 2001 16:11:13 -0800 (PST)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] [fc:Layoffs.raise.hacking.fears]
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Layoffs raise hacking fears: Computer threats lurk inside and out
By Jennifer Beauprez, Denver Post, 11/5/2001
http://www.denverpost.com/Stories/0,1002,33%257E208799,00.html

Monday, November 05, 2001 - Cyberterrorism may be the hacker story of the day, but security experts say the bigger threat to businesses is disgruntled employees. And as the number of layoffs grows, so does the risk.

"All the hype in the media about cyberterrorism and viruses is distracting network executives away from the real threat, which is their own employees," said Bob Forbes, vice president at Authentor Systems Inc., a security software firm in Denver.

Forbes said 60 percent to 70 percent of computer breaches come from the inside. Employees know the system. They know the company. And they know what to do to make the company hurt.

Today, as the pink slips fly - with more than 27,300 so far in Colorado this year - employees have more reason to hack. Workers could be struggling financially and stand to profit from stealing valuable data. Or they could simply be angry that poorly performing co-workers kept their jobs.

"Most of the employees are honest and want their companies to succeed," Forbes said. "But a market like this can really turn things. Employees who wouldn't otherwise be disgruntled now have a lot more motivation."

The best defense, experts say, is simple: Be nice to workers. Inform them in person rather than by e-mail and treat them with respect when they leave.

Cisco Systems Corp. scored some points with some of the 6,000 technology workers it laid off last spring. The computer networking firm gave them a six-month severance package and career counseling. It offered to pay a third of an employee's salary and all benefits and possibly rehire employees in a year if they went to work for nonprofit groups.

"Most folks are professional on the way out the door and recognize that layoffs are a part of life," said Ed Aro, a lawyer at Hogan & Hartson LLP in Denver who has represented employers.
"And if they're treated professionally, they'll reciprocate that."

But business executives are also stocking up on software to monitor employee computer activity and hidden codes in the systems. Companies are being more careful when planning layoffs. They must consider physical security and access to buildings and simultaneously shut off multiple computer privileges.

Experts say the decision to terminate an employee should be kept quiet until the announcement is made.

"There's an important element of surprise there," said Mark Baisley, president of Enspherics, a Denver-based security firm. "If an employee has a suspicion for some time that there will be layoffs, they can leave behind trojan horses - back doors (to hack into computer systems)."

If employers aren't careful, Baisley said, tech-savvy workers can steal trade secrets, business plans, customer lists and databases of customer credit-card numbers. They can take down entire databases or program computer viruses to be unleashed when they're fired.

One of the most well-known cases is that of Tim Lloyd, a former network administrator for Omega Engineering Corp. in Stamford, Conn. In 1996, he wrote six lines of code that destroyed the programs that ran the company's manufacturing machines, costing Omega more than $10 million in losses and $2 million in reprogramming costs and eventually leading to 80 layoffs. He was convicted of computer sabotage in September.

Also in September, a Miami jury found engineer Herbert Pierre-Louis Jr. guilty of planting a software virus that disabled the computer network at Purity Wholesale Grocers Inc. for two days. The virus cost the company $84,000 in lost profits, new hardware and software and manual labor.

Security executives say they know of plenty of other less extreme stories in Denver, but company executives who have been victimized won't talk.
"It's the dirty laundry they don't want to talk about," said Art Zeile, chief executive of Inflow Inc., a Denver operator of computer data centers. "It's an admission that you don't do your layoffs right."

That's exactly why few criminal cases get prosecuted, said Jim Troxell, an information technology attorney for Squire Sanders and Dempsey LLC in Cleveland.

Troxell said computer consultants and government agents can quickly trace the source of the attacks, since it's difficult to erase evidence from a computer hard-drive. And employers can file criminal charges under the federal and state laws that carry up to 10 years in prison and $15 million in fines if convicted. Still, most employers let the crimes go.

"There are a lot of good laws," Troxell said. "But all of them are in the glare of publicity, and an employer would have to admit they left the door open."

------------------
http://all.net/