[ISN] Internal Hacking Costs Users Dear

From: mea culpa (jerichot_private)
Date: Fri Oct 30 1998 - 02:14:33 PST

  • Next message: mea culpa: "[ISN] Black Hand Group hacks 'VJESNIK' Web Site"

    Forwarded From: Nicholas Charles Brawn <ncb05t_private>
    By Marcia MacLeod
    British business is losing thousands of pounds annually through
    unauthorised hacking of internal systems.  According to the Department of
    Trade & Industry, internal hacking has cost UK organisations #1.5bn since
    1992. Seventy per cent of all hacking incidents come from within the
    As delegates at the Information Security and Corporate Strategy conference
    held in London this week heard, these figures probably only reflect a
    small percentage of the illegal hacking carried out, since most firms do
    not publicise incidents in which their systems are accessed by
    unauthorised individuals. 
    "If someone is caught, it looks bad for the company," said David Cazelet,
    director of information security for Diligence, which organised the London
    event. "Normally, internal hackers are let off to avoid publicity." 
    Diligence says programs explaining how to gain illegal access to data or
    cause systems to fail can be downloaded from the Internet. 
    Sites such as Cult of the Dead Cow and H/P/A/V/C offer packages such as
    back orifice, brute force attack and network sniffer.  It is not illegal
    to download these files. However, accessing a computer system illegally is
    an offence under the Computer Misuse Act 1990. 
    Firewall is breached
    Firewalls may not provide sufficient protection against illegal hackers,
    internal or external. Diligence broke through Firewall-1, one of the most
    popular firewalls on 24 October. There was no trace or logging of the
    The breach took place against the latest version of Firewall-1, which is
    made by Israeli company Check Point Software Technologies. Firewall-1 is
    believed to be used by more than 60% of European organisations.
    COMPUTER WEEKLY 29/10/1998 P4
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:09:29 PDT