E-crime: Breaching the corporate network
Although it's easy to blame hackers for breaches in business technology security, it's often the victim that should wear much of the blame.
There is certainly no simple answer to avoiding hacks and potential security problems, but a reasoned and well-thought out policy can save you money and time in the long run. Perhaps one of the greatest risks to your data and to your network is what your own staff may tell someone else.
Infamous hacker Kevin Mitnick, who currently resides in jail for his 15-odd year cyber criminal history, was renowned all over the world for his "uncanny" ability to hack multiple systems. He was able to gain access to the FBI and US Department of Motor Vehicle (DMV) networks, as well as numerous mobile phone networks.
However, his main asset for breaking into these systems was not his killer abilities as a programmer, but rather his ability to manipulate people, otherwise known as "social engineering". He was able to imitate a lineman's jargon, impersonate a superior, sift through trash, con unsuspecting employees out of their field manuals, as well as exploit his own knowledge of a phone company's organisational chart.
No denial of service attacks. No sophisticated programming techniques (although he was able to socially-engineer tools away from those who had already done that work), he simply used his basic technical knowledge and attacked what can sometimes be the most vulnerable part of a network--the human factor.
But are Australian businesses vulnerable to such attacks. Admittedly, most of Mitnick's attacks occurred around five years ago. Surely things have changed since then and Australian companies are now a savvy bunch. Or are they?
