Hacker Suspect Blames The Mob
Author: Dave Lewis
Here is an article that struck a chord with me. The lack of understanding that a large swath of legal bodies have concerning computer crime is demonstrated in a criminal case that took place in Australia. But first here is a passage from the article,
“I found the server was accessible from the internet, and I asked why.
“They said: ‘Well, the vendor has to connect to it to support it.’
“So I asked the vendor for a listing of trouble tickets, and there was about a 30-day stretch during which the data had been stolen.
“During those 30 days they had 14 trouble tickets, denoting 14 separate connections to the system.
“But there had been 44 connections in the 30-day stretch.
“I found that each day, at about 7.30pm, someone would connect from a local area IP address. They would log in as ‘root’ and they would take data. This was obviously someone who knew the store closed at 7pm, and that the end of the day processing would run at about 7.45pm to 8pm.
“So getting in there at that time gave them access to the most data.
“Now, I researched that local IP address, and it turned out to be the home cable modem line of a person who worked for the vendor that set up that retail point-of-sales system.”
That part of the piece jumped out at me. It illustrated the lack of understanding that a great many IT shops still have regarding security. The second part of the article made me laugh/cry. This defense from the witness,
“Do you know what this person’s defence was? He said he had a vulnerable wireless access point at home, and organised crime had managed to hack into the access point and use his PC to steal data from the retailer. He got away with it. His home PC was never admitted into evidence, we never had an opportunity to look at it and say, ‘Nobody hacked in here, it’s clean.’
“It was very frustrating, especially as the case was the culmination of two months of work.
Sigh. Damn you Tony Soprano.
Tags: Hacker Suspect, Data Theft, Digital Crime, Computer Forensics
