[ISN] D.C. Law Firm Claims IBM Worker Hacked Its Computers

From: InfoSec News (alerts@private)
Date: Sun Jul 16 2006 - 23:17:08 PDT


http://www.informationweek.com/security/showArticle.jhtml?articleID=190400233
 
By Paul McDougall
InformationWeek
July 14, 2006

A Washington, D.C., law firm says it's the victim of a computer hacker, 
but it claims the perpetrator isn't some nerdy cyberpunk or offshore 
criminal gang. Rather, the firm says its computers are under attack by 
tech giant IBM.

Attorneys at Butera & Andrews claim an unidentified hacker working within 
IBM's WebSphere services facility in Durham, N.C., secretly dropped 
malicious code into the firm's e-mail server, giving him or her 
unauthorized access to the system. The IBM worker "initiated, directed and 
managed this attack from the Durham, North Carolina facility," Butera & 
Andrews claims in a lawsuit. The firm says its servers were hit by the 
assailant's code more than 40,000 times throughout 2005.

In its complaint, filed in April in the U.S. District Court for 
Washington, D.C., Butera & Andrews gives no motive for the attack. 
However, it says it fingered IBM because an IP address traced to the 
computer initiating the attacks is registered to a system inside the IBM 
facility.

Butera & Andrews also charges IBM with maintaining lax security procedures 
at the Durham facility, thus making it easier for would-be hackers to 
carry out their work undetected. The lawsuit states that IBM last year 
implemented a policy under which all computer user logs at the facility 
are wiped clean after 24 hours. The policy "assures anonymity for any 
wrongdoer," the firm charges.

IBM has filed a motion to dismiss the suit. Among other things, the 
computer vendor claims that the IP address identified in the suit belongs 
to Workforce.com, an unrelated Web publication that operates from 
Michigan. A trace of the IP address conducted by InformationWeek confirms 
that the address is registered to Workforce, which is owned by Crain 
Communications. Butera & Andrews maintains that the address belongs to 
IBM, even if Workforce is currently "residing" at the addresss. It says it 
has documents that prove the link.

In its suit, Butera & Andrews is seeking "the return of all information 
illicitly obtained" by IBM as a result of the alleged hack, as well as 
unspecified damages and costs. Officials from IBM and Butera & Andrews 
weren't available for comment.


_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com



This archive was generated by hypermail 2.1.3 : Sun Jul 16 2006 - 23:35:37 PDT