Posted by Rick Merrill on December 3, 2006, 2:27 pm
Borked Pseudo Mailed wrote:
> In a recent report it came to light that the Dutch Security Software
> company Alfa & Ariss has been making unauthorised attempts to break into
> both private and corporate computer systems.
>
> Alfa & Ariss, who made a name for themselves by developing software for both
> the Open Source and Corporate markets for secure login procedures, as well
> as being contracted to implement this software in central Dutch government
> and banking agencies, have made confirmed attempts to at least gain access
> to several systems without obtaining authorization first from the owners
> and operators of those systems.
>
> The most disturbing attempts are the clear and verified, targeted attempts
> to access a Scandinavian company by probing for available services,
> including but not limited to telnet, SSH, FTP, LDAP, VPN, SSL and SMTP.
> These were made from the main IP address registered to them (82.94.105.130)
> in late October. The company's data wasn't compromised due to a good
> security setup, but the attempts themselves are an indication that Alfa &
> Ariss is apparently doing more than just developing software, and not all of
> it desirable.
>
> Next to this, the private user is apparently also not safe from them, as an
> ex-employee found out. His home-connected computer had its Internet
> connection flooded around the same time, and by checking access logs found
> out that the company had been snooping on his Livejournal (even after he
> left the company) as well as making complete copies of his personal and
> business related web pages.
>
> Even though invited to do so, no comments have been made by Alfa & Ariss so
> far, but the ex-employee states:
> "Yes, there have been problems with my connection. My modem complained
> about not being able to handle the traffic correctly, and probably a bunch
> of connections were dropped because of that. I'd say that is a clear
> example of Denial of Service right there. It didn't last long, but still..."
>
> "I also put a few blocks in place after that, and started keeping an eye on
> the IP. Surprisingly, it didn't end there, but instead, I found I got
> continued connection attempts from the office at just about every business
> day, and even some in the weekend and at night times. To this day they keep
> checking up on me, apparently."
>
> As to the reason why, there seems to be some confusion:
> "I'm a little limited in what I am allowed to say under my NDA, but I can
> tell you that even though I left the company in September on less than
> agreeable terms (having had the rights needed to do my job as security
> officer and network administrator revoked, forcing me to quit, next to lack
> of pay), I didn't have any negative consequences to speak of because of
> this. I, myself, was just glad to close it off this way, I have no desire
> to be in any way in touch with the people there, and as a matter of fact,
> the CEO demanded no further contact, himself. I even returned a few letters
> after they got sent to my address regardless of their own command.
> There is also nothing of interest for them to be found on my home system,
> apart from personal data for me and a few friends which they have no
> business in knowing or having access to. Although I can guess as a motive
> they might be searching for information to try and fine+sue me over the
> NDA; it would not surprise me if so, at all. Having set up a lot of the
> network stuff there myself though, I can tell you that if something like
> this originates from that IP, it's not been someone else or a system that
> got compromised and abused by someone else outside the office. Unless of
> course they really messed up their setup after making me quit, but I
> somehow doubt it."
>
> Further specifics are not known at this time.
>
>
> [from our security news correspondent]
>
Some of these companies persuade themselves that if they
can break into a company's IT system, surely that company
will hire them to fix it! Yeah, right!