HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 25 guests and 1 member online
EH-Net Donations

Enter Amount:
$
Google Ads
EH-Net News Feeds
Latest Additions
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Resourcesarrow News from the Outside Worldarrow Don't let this Happen to You!
Ethical Hacker Community Forums
January 09, 2009, 10:09:49 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: ChicagoCon 2009 - May 4 - 9. Boot Camps & an Ethical Hacking Conf. www.chicagocon.com
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Don't let this Happen to You!  (Read 1194 times)
0 Members and 1 Guest are viewing this topic.
Oyle
Sr. Member
****
Offline Offline

Posts: 264


"Man. Nature. Technology".


View Profile WWW
« on: July 07, 2006, 06:31:49 PM »
 Grin  Published recently in the local Newpaper, the Plain Dealer. Hard to imagine something like this can still happen in this day and age, but it did. Frickin' hilarious, really. Serves 'em right.

But the rest of guys out there can learn from this, and make sure....Don't Let this Happen to You!

The following is from
http://www.cleveland.com/search/index.ssf?/base/news/1151051511314270.xml?nohio&coll=2

Don’t let this happen to you!

Security not a priority, OU computer system audit finds
                 Friday, June 23, 2006
                Jennifer Gonzalez
                Plain Dealer Reporter

 
Athens - An audit of Ohio University's computer system has found that security was not a priority and that lack of communication between computer and network services departments contributed to several computer breaches.
 
Since April, the university has discovered five such breaches involving theft of the personal information of about 367,000 people. The stolen material included names, Social Security numbers and medical information.
The university has computer services and communication network services departments that have not worked well together, the audit found. The audit report was released Thursday.

 "Going back over 10 years, CS and CNS have traditionally worked autonomously and have not teamed together in a cooperative, collaborative environment. This has led to a quasi combative culture between two key groups who should have been working together," the audit says.
 
Roderick McDavis, OU's president, said he is "angry and embarrassed" by the computer breaches. "We are committed to fixing the problem," he said.
 
The university has made some changes since the audit was completed.
That includes suspending the director of communication network services and the manager of Internet and systems. In addition, the central information technology organization, which includes computer services and communication network services, is being restructured and three individuals who were placed on administrative leave will return to work because they were cleared of wrongdoing.
 
The university commissioned the audit by Illinois-based Moran Technology Consulting after the first breaches were discovered.
The audit also found:
•   Understaffing of information technology personnel,
•   Under skilled staff
•   Undefined information technology roles and responsibilities.

During interviews conducted by Moran Technology, staff members expressed frustration that communication network services and computer services management did not give enough priority to security in the planning, design, implementation and management of the university's information technology infrastructure.

"Many people commented that when new security ideas from various staff were discussed, their input was frequently ignored and sometimes ridiculed by CNS management," the report says.

The staff also told Moran that many employees only had on-the-job training. Many of the computer services staff members involved with managing the Windows server formerly worked in janitorial and help-desk positions.   Roll Eyes

In addition, the audit found that when computer services asked communication network services for information to diagnose performance or security problems, their requests were rejected.  Grin

If computer services and communication network services had worked together, the university "may have benefited from a more robust network monitoring facility," the report says.  Huh

To reach this Plain Dealer reporter:
jgonzalez@plaind.com, 216-999-4327



« Last Edit: July 07, 2006, 06:37:09 PM by Oyle » Logged
MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".

From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
                  -Tapeworm
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.7 | SMF © 2006-2007, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.041 seconds with 22 queries.
 
Sponsors

cwnp_moto__120x90.gif

Polls
How many security events including conferences and training do you attend a year:
 
Support EH-Net

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2009 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.