http://www.informationweek.com/news/showArticle.jhtml?articleID=201000820 By Sharon Gaudin InformationWeek July 11, 2007 A disgruntled Boeing employee was charged Tuesday with 16 counts of computer trespass for allegedly stealing more than 320,000 company files over the course of more than two years and leaking them to The Seattle Times. Gerald Lee Eastman, who was a quality assurance inspector at Boeing at the time of the thefts, is slated to be arraigned on July 17, according to a spokesman for the King County Prosecuting Attorney's Office. He faces up to 57 months in prison if convicted on all counts. According to a criminal complaint, a search of Eastman's home found computers and storage devices containing more than 320,000 pages of "very sensitive" documents related to Boeing's business operations. Boeing estimated in an arrest report that if only a portion of the stolen documents were given to competitors, it could cost the company between $5 billion and $15 billion. Eastman used what prosecutors called his "unfettered access to Boeing systems" to download large amounts of data from information stores he had no legitimate reason for accessing, according to the criminal complaint. He allegedly transferred the information to a thumb drive and then removed it from company property. Eastman was arrested at his desk while at work on June 29. Police reported finding a thumb drive that was connected to his computer terminal via a USB cord that ran along the back of the terminal to the storage device that was "hidden in a drawer" in his desk. He was downloading data onto the thumb drive when he was arrested, according to the complaint. The complaint noted that Eastman told detectives he was disgruntled with Boeing because he had brought several issues related to parts inspections to the attention of both the company and the FAA. He said none of his concerns had been addressed to his satisfaction. The report contends he said he collected data to back up his claims that there were problems with the inspection process. Police detectives said a forensic investigation showed that Eastman had corresponded and met with reporters, apparently supplying them with proprietary and sensitive information that was not to be disclosed to sources outside Boeing. "There are numerous examples of information that was found in Eastman's personal computers and/or storage media, which appeared in news stories," the complaint states. "We also found some e-mail correspondence between Eastman and Dominic Gates of the Times and James Wallace of the [Seattle Post-Intelligencer], which indicates his intention to share information that he had on Boeing with them." Detectives reported finding password-cracking software on Eastman's computers. "Although the files Eastman took were not encrypted or password protected, Eastman had to exploit a weakness in Boeing's computer system to access them," the criminal complaint noted. "Eastman methodically searched the Boeing system looking for unprotected file shares and was routinely denied access to many." Last December, Boeing fired an employee whose stolen laptop contained identifying information on 382,000 current and former employees. The employee, who wasn't identified, was fired because he violated company policy by downloading the information onto the laptop and not encrypting it, said a spokesman for Boeing. The laptop, which had been taken out of the office, was stolen the first week of December, he added. _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Thu Jul 12 2007 - 03:12:38 PDT