Friday, April 8, 2011

Fired Employee Indicted For Hacking Gucci Network

Authorities on Monday indicted a former IT
employee at Gucci for hacking into the company's computer network,
deleting files and emails, and causing an estimated $200,000 in damage.


"Computer hacking is not a game. It is a serious threat to corporate
security that can have a devastating effect on personal privacy, jobs,
and the ability of a business to function at all," said Manhattan
district attorney Cyrus R. Vance Jr., in a statement. 


How did a former employee gain access to a corporate network and delete
data? Authorities accuse Yin of creating "a VPN token in the name of a
fictional employee," and then, when he was fired, stealing this
USB-based token to gain remote access.


According to authorities, "in the months that followed, using the VPN
token, Yin exploited his familiarity with Gucci's network configuration
and administrator-level passwords to gain nearly unfettered access to
Gucci's network."

Rigorous Internal IT auditing is essential to mitigate the risk of disgruntled employees, and use of orphan/hidden accounts that employees in a position to abuse privileges could create. What did you company internal audit find out !!?? Dormant active accounts are screaming sirens waiting to be noticed. Use technologies like SIEM, to track usage of service accounts, beyond their intended use.