Ethical Hacker Community Forums

General Discussions and Related Certifications => Forensics => Topic started by: don on May 06, 2008, 09:41:24 AM


Title: Forensic Exam Concludes No Breach at Colorado University
Post by: don on May 06, 2008, 09:41:24 AM
We often hear of forensics as a way to prove guilt. It's good to see it work the other way.

Quote
Processes that seemed to mimic malicious behavior led the University of Colorado-Boulder (CU) to disclose a possible breach, the school said this week.

“Interaction between two incompatible software programs mimicked behavior consistent with malicious software," said Dan Jones, university director of IT security, in a statement.

Officials initially had suspected as many as 9,500 individuals had their names, Social Security numbers, addresses and grades potentially exposed to hackers. But a forensic exam turned up no malicious software, and there was no exposure of student and staff private data.
So what happened?

"The functioning of the computers led us to initiate our data breach protocol, which included providing notice to the community of a potential threat of identity theft," Jones said.

Dennis Maloney, chief technology officer for the university, said, "While the data was not compromised, this incident still reinforces the need to constantly improve IT security at CU."

The scare prompted moves, such as re-scanning systems for private data, eliminating Social Security and credit card numbers from all systems, encrypting laptop computers across campus, and improving password management procedures.

Original story:
http://www.scmagazineus.com/Forensic-exam-concludes-no-breach-happened-at-university/article/109709/?DCMP=EMC-SCUS_Newswire

Don

Title: Re: Forensic Exam Concludes No Breach at Colorado University
Post by: RoleReversal on May 07, 2008, 06:31:50 AM
Cheers Don,

it's nice to see a story where no evidence of foul play was found after investigation and that additional pre-emptive changes have been made to improve the environment anyway.

If we could get more 'good news' stories like this it might make companies worry less about PR effects of a breach and not try to cover up any potential issues, which should improve security as a whole. Might even stop suits and beancounters from seeing security as a necessary cost/evil .... (pinch me, I'm dreaming ;) )

Title: Re: Forensic Exam Concludes No Breach at Colorado University
Post by: Negrita on May 10, 2008, 04:23:26 PM
So why don't they disclose which are the 2 incompatible software programs?  ???


Powered by SMF 1.1.4 | SMF © 2006-2007, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com