Friday, May 23, 2003

Insider attack nails shut Janteknology's coffin

Evidence of the damage that insider attacks can wreak. Ironically, this was a security software distributor.

It's unbelievable how often I hear things like:

"Well you have to trust your employees/administrator/etc!"
"But we're behind the firewall!"

I even noticed Microsoft's STRIDE threat model does not include the threat:

Misuse of granted privileges.

Whoops. People all too often don't look inside their own organizations at the threats all around you. Insider attackers are a difficult, and perhaps not entirely solveable problem. It is much easier for someone to attack your network when they are already on it than through your firewall over the Internet. Your firewall rejects access, but then your HR department allows it. They will even give a potential adversary a computer, cubicle, network access, badge, etc.!

You have to consider this angle in designs and in how you manage privileges and maintain audit trails.

"Security software distributor, Janteknology, has shutdown amidst dramatic circumstances, its battle to survive tough market conditions ended by industrial sabotage."

News: Security firm shuttered by sabotage

No comments:

Post a Comment