, SecurityFocus 2003-09-10
Days before going public with his penetration of the New York Times internal network last year, hacker Adrian Lamo created five new user accounts with the LexisNexis database service under the Times corporate account, which he used to rack up $300,000 in charges over the following three months, a federal complaint in New York charges.
Expand all |
Post comment
Of course he should be tried
2003-09-11
drg (3 replies)
drg (3 replies)
Of course he should be tried
2003-09-11
The 420 Zodiac (1 replies)
The 420 Zodiac (1 replies)
Of course he should be tried
2003-09-12
Wckd (1 replies)
Wckd (1 replies)
Of course he should be tried - Enough analogies!
2003-09-12
Anonymous (1 replies)
Anonymous (1 replies)
breaking into someone's house analogy doesn't work !!!
2003-09-11
Anonymous (2 replies)
Anonymous (2 replies)
breaking into someone's house analogy doesn't work !!!
2003-09-12
An idiot like the one that posted before me.
An idiot like the one that posted before me.
Your network get's hacked because you do not do these things. Your Network gets hacked because you run insecure services/applications exposed to the net.
Don't run these insecure apps/services and you'll reduce your threat of a hack.
Secure your network and you'll reduce your threat of a hack.
Hackers provide a way to DISTINGUISH and MAKE AN EXAMPLE of LAZY IT Admins and PROGRAMMERS.
It is a common fact that HACKERS exist. With this knowledge, these lazy IT people / Programmers, need to expect that what they have put into place is constantly being challenged. With that, they too should challenge their own networks/programs and search and scour for possible exploits.
Lamo was simply do his "job". That being to actively scour and search for exploits. Had someone over at NYTimes been doing their job, they would have found the problem first and repaired it.
Maybe he shouldn't have damaged the system or used resources which didn't belong to him, however these things shouldn't have been available to him in the first place.
If you want to compare the whole "Weak Lock on House Door" Theory that's simple to do. We don't keep weak locks because we KNOW that there are people out there who may want to break in and steal our possessions. We read about it everyday. ANd with the same diligence we use to make sure our families and homes are safe, we need to make sure our Networks and Apps are safe as well. Because as you know and read about EVERYDAY, there are people out there who want in. They are actively trying as we speak....just check your Firewall Logs, Web App Logs.. etc...
Lock it down and you wont have any problems.
Good Luck to LAMO! Hope he comes through with a BOOK deal, a Security SPecialist Job and a Television Interview.
IT Admins, Program Developers - Stop blaming others and get to work, Lock It Down!
- OUT -
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/6934/22217#22217