HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 41 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Incident Responsearrow Oops, I got us hacked
EH-Net
May 24, 2013, 01:41:24 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Oops, I got us hacked  (Read 5432 times)
0 Members and 1 Guest are viewing this topic.
timmedin
Sr. Member
****
Offline Offline

Posts: 469



View Profile WWW
« on: April 17, 2009, 08:01:33 AM »
I wonder if the size of something like Heartland skewed the results a bit? It is hard to comensate for 100Million pieces of info.


Study: Mistakes, Not Malicious Insiders, to Blame for Most Breaches

285 million records breached, most attacks came from external sources, according to Verizon study
http://www.csoonline.com/article/489644/Study_Mistakes_Not_Malicious_Insiders_to_Blame_for_Most_Breaches

"Outsiders are going to exceed insiders in number. There are more of them. It makes sense that that attack ratio would be there," said Wade Baker, a Research and Intelligence Principal with Verizon.
Logged
twitter.com/timmedin | http://blog.securitywhole.com
sgt_mjc
Sr. Member
****
Offline Offline

Posts: 294


View Profile
« Reply #1 on: April 17, 2009, 01:34:56 PM »
On our big contract we regard the insider as the biggest threat to the system if for no other reason than the system is not connected to the internet. With that said, insiders are still a huge threat. Easily half the systems I looked at last week had a boot order that would allow a system to boot from some other media than the first HD. They could also be booted into the BIOS with PWs and had the order changed there. On top of all that, the insider has one thing the outsider doesn't, physical access. We'll see where this goes. Thanks for the news.
Logged
Mike Conway
CISSP
CompTia Security +
C|EH
timmedin
Sr. Member
****
Offline Offline

Posts: 469



View Profile WWW
« Reply #2 on: April 18, 2009, 11:01:27 AM »
How much physical access are people allowed there?
Logged
twitter.com/timmedin | http://blog.securitywhole.com
sgt_mjc
Sr. Member
****
Offline Offline

Posts: 294


View Profile
« Reply #3 on: April 27, 2009, 02:16:02 PM »
You would be surprised. If you are part of the program, you have pretty much unlimited physical access. With that said, the place is wired out the whazoo with video and other physical security implementations. Yes, the insider is a great threat, but it would be hard to get away with anything there.
Logged
Mike Conway
CISSP
CompTia Security +
C|EH
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.841 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.