http://seattletimes.nwsource.com/html/businesstechnology/134653561_laplink150.html By Kim Peterson Seattle Times technology reporter March 15, 2003 While driving to work on Interstate 405 Thursday, Mark Eppley checked his e-mail from his cellphone and saw a message titled "Break-in attempt." Eppley, the chief executive officer of Bothell software company LapLink, first thought that his business had been burglarized. "What are they going to steal, computers?" he thought. "Maybe they'll get a Pentium 4 if they're lucky." Then his day got much worse. Someone had broken into LapLink's computer system and planted enough bugs to disrupt business for days. E-mail had been down briefly and would soon be down again. Key files were missing, and other strange things were happening. LapLink had been hacked, a situation becoming increasingly common among corporations. Even as companies build one virtual wall after another around their computer networks, hackers are relentlessly searching out weaknesses and finding new ways inside. But LapLink's crisis had an unusual twist. It looked like the hacking came from a computer address at another company: Classmates Online. The hackers used the login names and passwords of two former LapLink employees who had moved on to jobs at Renton-based Classmates Online. Those employees had been in charge of LapLink's computer systems, and had intimate knowledge of — and, in some cases, created — the very network that was being targeted. That's when Eppley says his "heightened awareness" kicked in. "It's like breaking and entering," he said. "It's no different than that." The employees are now managers at Classmates Online, and Eppley said his team called one of them, who denied responsibility and suggested it was someone else with knowledge of his password. Eppley called Mike Smith, Classmates Online's CEO, who promised to look into the issue. When contacted, a Classmates Online spokeswoman said one of the employees was cleaning out his computer and found an icon on the screen linking to LapLink's system. He clicked on the link but did not log in. The other employee did not log in either, she said. By the end of the day, Classmates Online had begun an investigation and the two employees had been placed on paid administrative leave. But that wasn't the end of LapLink's troubles. Yesterday, its corporate e-mail servers went down again and business was paralyzed, Eppley said. He suspects the hackers had left a virtual time bomb that caused more damage. LapLink contacted the Bothell police, and Eppley said he intends to file charges against those responsible. A detective visited the company yesterday. LapLink has estimated that it lost $50,000 in revenue because of the incident, said Capt. Bob Woolverton of the Bothell Police Department. Nothing like this has happened before at Classmates Online, said Gail DeGiulio, vice president of corporate marketing. The company takes immediate action if one of its employees is acting inappropriately, she said, adding that she has kept in touch with Eppley and is working to resolve the problem. "This has been one of our top priorities," she said yesterday. This kind of situation happens far more than it should, said Dan Hitchcock, a manager at Breakwater Security Associates, a computer-services company in Seattle. Most companies intend to delete an employee's computer account after that person leaves, but sometimes they don't follow through, he said. "LapLink is not a small company, and it's not a young company, and they should have done that," he said. "But they're not alone." For some companies, the situation becomes more complicated when the computer-systems people leave. In many cases, they leave with more knowledge of the system than their replacements. LapLink's corporate computers were damaged, but its e-commerce and customer-related systems were not affected because they are run separately, Eppley said. The company's Web site was protected as well. Susan Meldahl, LapLink's computer-systems director, said she is going through her network with the equivalent of a fine-toothed comb, looking for anything out of the ordinary. "We're really locked down," she said. "By the minute, we're making sure that nobody else is going to try this." Eppley said his company may have fallen victim to a computer culture in which it's hip to be a hacker. But when, he asked, does hipness cross the line? "That may have happened here," he said. "Something that may have started off as innocent turned into something really ugly." - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Mar 17 2003 - 05:51:31 PST