[ISN] Hacker sues bank for his time

From: InfoSec News (alerts@private)
Date: Mon Dec 18 2006 - 23:27:09 PST


http://www.stuff.co.nz/stuff/southlandtimes/3903065a6437.html

18 December 2006

A man who admitted hacking into the Reserve Bank's telephone system now 
wants $7500 from the organisation for using his information to upgrade 
its security.

Security consultant Gerry Macridis walked free from court despite 
admitting he accessed the bank's computer-controlled phone system 
without authorisation.

He is now threatening legal action to be paid for work done to fix the 
security flaws.

Mr Macridis admits the bank never sought his help, but it used his 
knowledge to block future breaches.

"The typical `market value' of the information was some $7500," he says 
in a letter being sent to Reserve Bank governor Alan Bollard today 
advising of the lawsuit.

Mr Macridis confirmed last night that he was seeking money based on 
payments he received in dealings with various banks. He would not 
elaborate.

The Reserve Bank said it could not comment till it had notice of the 
action.

This is the latest twist in a saga that in September saw Mr Macridis 
discharged without conviction in Wellington District Court after 
pleading guilty to accessing the bank's phone system without 
authorisation.

Mr Macridis said he was a consultant on computer security systems on a 
casual basis and had worked for Telecom, Internal Affairs and police.

He told the court the bank's phone system was the worst he had seen in 
11 years as a consultant and was vulnerable to tapping from overseas.

Mr Macridis had sent a report to the bank detailing the security issues, 
then called asking for payment for advising them.

Judge Ian Mill said Mr Macridis had acted honourably and a conviction 
would be disproportionate to the crime.


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Mon Dec 18 2006 - 23:37:10 PST