Stupidity trumps security

Friday, 2 May 2003, 11:38 AM EST

The attorney I was chatting with over coffee smiled and then launched into what could only be called a horror story -- at least if you were her client. "My client's soon-to-be-ex-wife apparently wanted to get back at him," explained the attorney, one of the top divorce lawyers on the east coast. "So she got into his office somehow and then used his assistant's computer to send an e-mail message to everyone in the company telling of his affair with one of his coworkers."

We chatted longer, my friend telling of the pain the e-mail caused her client. But I wondered how any company could have security so lax that an outsider could sneak in and send an e-mail to the entire company. Didn't the managers of the company know that they had a responsibility to ensure the privacy of their customers and other employees, as well as to safeguard information critical to the running of the company? Apparently not.

I thought through all of the security holes the scorned wife apparently exploited. First, there was no physical security, or she would never have been able to get into the area with the computers. Second, she was able to get into an employee's e-mail account without knowing any passwords. And third, how was it that she was able to create a message to all of the other employees without knowing who they were?

[ Read more ]




Spotlight

Using Hollywood to improve your security program

Posted on 29 July 2014.  |  Tripwire CTO Dwayne Melancon spends a lot of time on airplanes, and ends up watching a lot of movies. Some of his favorite movies are adventures, spy stuff, and cunning heist movies. A lot of these movies provide great lessons that we can apply to information security.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Jul 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //