[ISN] Boeing Employee Charged With Stealing 320, 000 Sensitive Files

From: InfoSec News (alerts@private)
Date: Thu Jul 12 2007 - 02:59:24 PDT


http://www.informationweek.com/news/showArticle.jhtml?articleID=201000820

By Sharon Gaudin
InformationWeek
July 11, 2007

A disgruntled Boeing employee was charged Tuesday with 16 counts of 
computer trespass for allegedly stealing more than 320,000 company files 
over the course of more than two years and leaking them to The Seattle 
Times.

Gerald Lee Eastman, who was a quality assurance inspector at Boeing at 
the time of the thefts, is slated to be arraigned on July 17, according 
to a spokesman for the King County Prosecuting Attorney's Office. He 
faces up to 57 months in prison if convicted on all counts.

According to a criminal complaint, a search of Eastman's home found 
computers and storage devices containing more than 320,000 pages of 
"very sensitive" documents related to Boeing's business operations. 
Boeing estimated in an arrest report that if only a portion of the 
stolen documents were given to competitors, it could cost the company 
between $5 billion and $15 billion.

Eastman used what prosecutors called his "unfettered access to Boeing 
systems" to download large amounts of data from information stores he 
had no legitimate reason for accessing, according to the criminal 
complaint. He allegedly transferred the information to a thumb drive and 
then removed it from company property.

Eastman was arrested at his desk while at work on June 29. Police 
reported finding a thumb drive that was connected to his computer 
terminal via a USB cord that ran along the back of the terminal to the 
storage device that was "hidden in a drawer" in his desk. He was 
downloading data onto the thumb drive when he was arrested, according to 
the complaint.

The complaint noted that Eastman told detectives he was disgruntled with 
Boeing because he had brought several issues related to parts 
inspections to the attention of both the company and the FAA. He said 
none of his concerns had been addressed to his satisfaction. The report 
contends he said he collected data to back up his claims that there were 
problems with the inspection process.

Police detectives said a forensic investigation showed that Eastman had 
corresponded and met with reporters, apparently supplying them with 
proprietary and sensitive information that was not to be disclosed to 
sources outside Boeing. "There are numerous examples of information that 
was found in Eastman's personal computers and/or storage media, which 
appeared in news stories," the complaint states. "We also found some 
e-mail correspondence between Eastman and Dominic Gates of the Times and 
James Wallace of the [Seattle Post-Intelligencer], which indicates his 
intention to share information that he had on Boeing with them."

Detectives reported finding password-cracking software on Eastman's 
computers. "Although the files Eastman took were not encrypted or 
password protected, Eastman had to exploit a weakness in Boeing's 
computer system to access them," the criminal complaint noted. "Eastman 
methodically searched the Boeing system looking for unprotected file 
shares and was routinely denied access to many."

Last December, Boeing fired an employee whose stolen laptop contained 
identifying information on 382,000 current and former employees. The 
employee, who wasn't identified, was fired because he violated company 
policy by downloading the information onto the laptop and not encrypting 
it, said a spokesman for Boeing. The laptop, which had been taken out of 
the office, was stolen the first week of December, he added.


_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. http://www.blackhat.com



This archive was generated by hypermail 2.1.3 : Thu Jul 12 2007 - 03:12:38 PDT