Quantcast
PCWorld.com is upgrading some back-end systems. Some site features, such as user registration, may be temporarily unavailable.
Subscribe to magazine

Most Hacks Are Inside Jobs

FBI director urges encryption keys to protect businesses from internal sabotage.

Daniel Rubin, Medill News Service

  • 0 Yes
  • 0 No
The greatest threat to the security of American companies' computer networks isn't an outside hacker, FBI Director Louis Freeh told a group of business leaders Tuesday. It isn't a foreign intelligence agency, either.

Employees or former employees who have an ax to grind with their bosses or who sell corporate information for cash are the greatest sources of stolen corporate secrets and data, Freeh said at a meeting of the U.S. Chamber of Commerce.

"Disgruntled former employees and dishonest, greedy employees are a serious danger," Freeh said. "It is an area of critical vulnerability for us."

Freeh said that such internal threats justify the Clinton administration's efforts to require encryption "keys" for law enforcement officials. These keys could unlock encrypted corporate data that might have been sealed by a disgruntled employee.

"It is the equivalent of someone locking your house from the inside and keeping the key," Freeh said.

Privacy Concerns

Privacy groups, as well as several coalitions of high-tech firms, have opposed this type of key or other access to encryption software. The issue is tied to opposition to export controls on encryption software.

"What we are looking for is a more balanced policy," said Dave McCurdy, president of the Electronic Industries Alliance, prior to Freeh's speech. "We are seeking a relaxation of export controls."

While Freeh focused on internal threats, the conference dealt mostly with external threats to corporate computer security and trade secrets. Representatives from firms ranging from Cisco Systems to Coca-Cola attended.

Jeffrey Moss, who is known in computer hacking circles as Dark Tangent, talked about the ease of obtaining hacking software over the Internet.

"A few years ago, these programs were traded among hackers like baseball cards," said Moss, who runs a computer network security-assessment service. "Now anybody who can search Yahoo can get these things."

As a computer security consultant, Moss now hacks into corporate systems to test network defenses. He said he has failed to crack a system only once, and that system belonged to a bank.

"The biggest problem is that people don't even know their own networks," said Moss. "If the people who built the network are gone, then new people won't know what it looks like."

  • Recommend this story?
  • 0 Yes
    0 No
 

Featured APC Accessories

  • APC Back-UPS ES Safeguards your equipment from damaging surges and spikes that travel along your utility & data lines.
  • APC Smart-UPS Loaded with cutting-edge features, unique battery life predictor, unbeatable on-line efficiencies and software agents allowing remote UPS monitoring. Get 10% off your entire kart purchase!

People who read this also read:

Sponsored Links