http://www.wusa9.com/news/local/story.aspx?storyid=81025&catid=158
This video will be on the New Maverick web site in the next two weeks as well. If you have any questions, or require more assistance, contact Maverick.
Saturday, January 31, 2009
Friday, January 30, 2009
Maverick Analysis: Lessons From The Fannie Mae Hacker
Rajendrashinh Makawa, a 35 year-old Indian Unix system administrator contractor for OmniTech, was arraigned this week in Maryland for attempting to hack Fannie Mae - the company he was subcontracted to. After being fired in the early afternoon of October 24th, Makawa was allowed to continue working. By the time he turned in his badge and laptop in at the end of the day he had written and implanted four separate scripts in the Fannie Mae system. These were designed to wipe all of the data from the over 4,000 servers and storage devices in a revenge attempt. Luckily, another sys admin uncovered one of the malicious scripts and the plan was thwarted.
The biggest lesson to be learned from this incident is in the behavior of Fannie Mae and OmniTech during the dismissal of Makawa. Makawa's access should have been revoked just prior to his dismissal and he should have been immediately escorted from the building. Instead, he was allowed to finish his day and - in barely 4 hours' time - put thousands and thousands of Fannie Mae clients' records and millions of the company's dollars at risk.
Remember: the termination process should take place swiftly and should begin with the removal of all access of the person to be terminated.
The biggest lesson to be learned from this incident is in the behavior of Fannie Mae and OmniTech during the dismissal of Makawa. Makawa's access should have been revoked just prior to his dismissal and he should have been immediately escorted from the building. Instead, he was allowed to finish his day and - in barely 4 hours' time - put thousands and thousands of Fannie Mae clients' records and millions of the company's dollars at risk.
Remember: the termination process should take place swiftly and should begin with the removal of all access of the person to be terminated.
30JAN09-02: No Hacking Required - U.S. Consulate in Israel Auctions Sensitive Information
The U.S. consulate in Israel held an auction in December 2005 to get rid of old furniture and reportedly sold cabinets containing hundreds of files with Social Security numbers of U.S. Marines and state department staff stationed in Israel. The files also included U.S. State Department bank account numbers and documents tracking the U.S. funding of local political movements. Among the files was a dossier marked "Secret" detailing an encounter between a U.S. Marine and a young Israeli woman in a Jerusalem hotel bar.
The woman who bought the filing cabinets, an American-Israeli, recently returned them to U.S. control but only after the Israeli police intervened and threatened her with unspecified charges.
SOURCE: http://blog.wired.com/27bstroke6/2009/01/us-consulate-in.html
The woman who bought the filing cabinets, an American-Israeli, recently returned them to U.S. control but only after the Israeli police intervened and threatened her with unspecified charges.
SOURCE: http://blog.wired.com/27bstroke6/2009/01/us-consulate-in.html
30JAN09-01: Russian "Cyber-Militia" Takes Kyrgyzstan Offline
Kyrgyzstan's two main Internet service providers -- ns.kg and domain.kg – recently came under a massive online assault. Details have emerged that the cyber-attack was orchestrated by Russia-based "cyber militia," shutting down more than 80 percent of Kyrgyzstan's bandwidth. Speculation is that the attack was meant to thwart Kyrgyzstan's embattled political opposition -- which depends on the Internet to organize -- or to pressure Kyrgyzstan's government, which hosts a U.S. airbase outside of the capital, Bishkek.
SOURCE: http://blog.wired.com/defense/2009/01/cyber-militia-t.html
SOURCE: http://blog.wired.com/defense/2009/01/cyber-militia-t.html
Welcome to the NEW Maverick Cyber-Defense Threat Feed!
You may access this blog FREE as a courtesy service of Maverick Cyber-Defense. As we know many of our clients already have their own daily analysis shops, we provide this blog as a collector for cyber-indicators and information you can use to analyze and generate intelligence applicable to your own organization.
Each Thursday, Maverick will provide analysis of some topic related to cyber-security. Sometimes the posts will be topical, based upon major events of the week. Other times, we will post periodic intelligence we feel our clients need to stay ahead of the global threat.
If you have suggestions for topics or other inputs, feel free to contact us. We always try to tailor our intelligence to meet your needs. Just email us at info (at) maverick-security.com (replace the (at) with @ ).
Each Thursday, Maverick will provide analysis of some topic related to cyber-security. Sometimes the posts will be topical, based upon major events of the week. Other times, we will post periodic intelligence we feel our clients need to stay ahead of the global threat.
If you have suggestions for topics or other inputs, feel free to contact us. We always try to tailor our intelligence to meet your needs. Just email us at info (at) maverick-security.com (replace the (at) with @ ).
Subscribe to:
Posts (Atom)