PRWeb The Leader Press Release Distribution
See How PRWeb Works

We're here to help 1-866-640-6397

Login Create Free Account

Why PRWeb Customer Examples Pricing Tools & Tips

All Press Releases for August 13, 2003 Subscribe to this News Feed    
 

ANOTHER TYPICAL HACK INTO A CINCINNATI BUSINESS DISCOVERED

Security Confidence Corporation announced today it discovered yet another organization who had been hacked" into without the organizations knowledge.

CINCINNATI, OH (PRWEB) August 13, 2003 -- Security Confidence Corporation announced today it discovered yet another organization who had been hacked" into without the organizations knowledge.

It is just another typical hack into a local business," says Matthew Corney, President of Security Confidence Corporation. Matthew Corney goes on to say," Its just not that surprising anymore; we are seeing hackers penetrate organizations safeguards more and more frequently without their knowledge.

It takes a security specialist to point out that there has been a compromise in their security. Typically we see a combination of two scenarios: first, that an organization has been used as a bouncing point for a hacker to make other attacks; and secondly that a hidden directory has been created on their servers or workstations that is filled with warez or pornography which is accessible via the internet."

Security Confidence was contracted to provide their Information Security Review Services to a local company, whose name is being withheld for obvious reasons. The organization was hesitant at first to utilize the services of Security Confidence, as they had been reassured by their 3rd party network integrator that they were completely secured by a firewall. Upon initial testing by Security Confidence, however, it became immediately apparent that the organization was not nearly as secure as they had been lead to believe.

As stated above, the organization had a firewall in place; however, that firewall had a known vulnerability in its firmware. This vulnerability allowed the hacker to reprogram their firewall to his liking. Once completed the hacker could then use this organizations resources for items such as a bouncing point to attack other networks or browse the organizations private information. Moreover, the hacker had remotely installed multiple back-door" access applications, a key stroke logger, and 18MB of pornography onto one of the organizations servers.

Matthew Corney goes on to say, The effects of such a breach in security are multifaceted. For example, the ability of a hacker to attack another network from a compromised system would make the owner of the compromised system liable for any damages. For example, if a hacker infiltrated your network and then began infiltrating www.whitehouse.gov, the FBI would assume it is you who is initiating these attacks. This could lead to the FBI seizing all of your computers as part of an investigation. This is especially probable if there is any indication that you have child pornography on your systems.

A recent example of this is the recent seizure of the Kentucky Transportation Cabinets computers which were found to have accessed child pornography. On July 30th, 2003 Kentucky.com reported that HACKERS HIJACK TRANSPORTATION'S COMPUTERS: AUDITOR SAYS TAKEOVER DISTRIBUTED PIRATED MOVIES, MUSIC" which included finding pornographic material on their systems. Then on August 8th 2003, Kentuck.com reported, FBI JOINS STATE LOOK INTO USE OF COMPUTERS: INQUIRY FINDS WORKERS ACCESSED CHILD PORN." The FBI and the Kentucky Attorney General have now confiscated the equipment for an undetermined amount of time. This is a common occurrence when computer equipment becomes evidence.

As with the Kentucky Transportation Cabinet, the local organization Security Confidence worked with was not aware that they had been hacked" until a professional security expert had audited their information systems. Security Confidence was able to provide the local organization with a detailed plan of the steps which were needed to reduce the risks of future attacks and removal of their infected systems through their SECCON Manage Service.

About Security Confidence:
Security Confidence, a Cincinnati based Corporation, is a leading provider of Consulting and Advisement regarding Information Privacy and Security. Security Confidence provides services such as risk assessments, training, compliancy assessments, policy and procedure creation, certification and auditing for businesses which must become compliant with HIPAA (Health Insurance Portability and Accountability Act of 1996), GLBA (Gramm Leach Bliley Act of 1999) and 'Best Practices of Information Security.

www.SecurityConfidence.com.

OPTIONS
Printer Friendly Version
Email this story to a colleague
CONTACT INFORMATION
Matthew Corney
Security Confidence Corporation
513.474.3443
Email us Here
ATTACHED FILES

There are no multimedia files attached to this release. If this is your release, you may add images or other multimedia files through your PRWeb News Management Console.
ABOUT PRESS RELEASES
If you have any questions regarding information in these press releases please contact the company listed in the press release. Please do not contact PRWeb. We will be unable to assist you with your inquiry. PRWeb disclaims any content contained in these release. Our complete disclaimer appears here.
 

© Copyright 1997-2009, Vocus PRW Holdings, LLC.
Vocus, PRWeb and Publicity Wire are trademarks or registered trademarks of Vocus, Inc. or Vocus PRW Holdings, LLC.

About PRWeb | News about PRWeb | Contact Us | Terms of Service | Privacy Policy | Copyright