Geeks With Blogs

News Clicky Web Analytics

web stats View David Caddick (davidcaddick@gmail.com)'s profile on LinkedIn

Search this Site!

Locations of visitors to this page
View My Stats eXTReMe Tracker
This posting is provided "AS IS" with no warranties, and confers no rights. The opinions expressed within are my own and should not be attributed to any other Individual, Company or the one I work for. I just happen to be a classic techie who is passionate about getting things to work as they should do (and are sometimes advertised and marketed as being able to?) and when I can I drop notes here to help others falling in to the same traps that I have fallen in to. If this has helped then please pass it on - if you feel that I have commented in error or disagree then please feel free to discuss with me either publically or privately? Cheers, Dave
Thin Clients, VDI and Linux integration from the front lines.... Raw and sometimes unedited notes based on my experiences with VMware, Thin Clients, Linux etc.

I came across this blog from Razor in the Sydney Morning Herald and the full article (Anatomy Of A Break-In.)makes fascinating reading.

Razor doesn't have any illusions about the diligence with which the corporate world is looking after our personal data - we doubt they even know how bad things are and what a gullible lot we are. But this step-by-step account of the systematic compromising of a major multinational shocked even us.

Key staff were warned that an assessment team would try to crack their security, but still left the doors wide open. The IT department didn't have a clue how many domains they had - which meant they weren't protecting the majority of them. They didn't know all that much about their own staff, for that matter, given that one employee was using his company E-mail account to sell information on how to perform criminal activities.

The helpful security staff issued the interlopers with ID badges, and what with the server room being unattended, they were soon busily downloading passwords, and logging on to the CEO's account. Web servers weren't properly patched, and end user PCs were highly vulnerable. It's a compelling read - Anatomy Of A Break-In.

Is this a surprise to you? How good/bad is your company's security? Are the bosses aware of the vulnerabilities, and have they done anything about them? Do you have your own horror stories about corporate insecurity?

Posted on Thursday, February 2, 2006 6:39 PM IT Management , Microsoft Tips , Security | Back to top


Comments on this post: How easy is it to hack your company?

No comments posted yet.
Your comment:
 (will show your gravatar)


Copyright © Dave Caddick | Powered by: GeeksWithBlogs.net