Thwart attacks from inside the wire
Intrusion detection methods that target internal users continue to emerge. Meanwhile, companies should also use a range of other security techniques to ward off abuses by their own employees.
eEye, which produces Spynet network sniffer, probably had good reason to guess an employee was to blame. According to an account by UK-based VNUnet, a message posted on eEye's Web site read, "Would you trust a security company that cannot even secure themselves?" Also on the defaced Web site, the attacker charged that eEye mistreated its employees, savaged the company's products, and extended the contemptuous nickname "Chief Hacking Officer" to eEye official Marc Maiffret.
[ Read more ]