Imperva warns on rogue staff as former YouSendIt.com CEO is indicted
November 2009 by Imperva
Reports are coming in that the former CEO of a Web 2.0 services portal has been indicted for allegedly launching a distributed denial of service (DDOS) attack against his former employers, YouSendIt.com.
According to Imperva, the data security specialist, the case is interesting for several reasons, most notably that the former CEO of the company used a regular application to launch his attacks.
"The fact that the former CEO allegedly used ApacheBench to launch his attack on the YouSendIt servers brings up the issue of what companies can do to stop their former employees - especially staff in a senior position - from attacking their IT resource," said Brian Contos, Imperva’s chief security strategist.
"The answer, of course, is quite a lot, as whenever a member of staff leaves, their ID and passwords should be locked out of the system, and all supervisory passwords to which they had access to should also be changed," he added.
According to Contos, although well-executed DDOS attacks are difficult to plan ahead for, the use of multiple IP connections can go a long away to reducing their effects.
However, he went on to say, in this case, it’s almost certain that the guy used his inside knowledge of the company’s IT architecture to allow a relatively simple DDOS attack to cause problems.
And, Contos explained, the fact that it was a technically simple attack is almost certainly the reason why the FBI were able to quickly track down the alleged perpetrator of the ApacheWeb-generated IP
sessions.
"Organisations whose staff leave the company under a cloud, as appears to have happened with this man, should always take simple security precautions against that employee causing IT-related problems," he said.
"These simple precautions can go a long way to preventing a former employee from staging a malicious attack on their previous employer’s computer systems. Increasing reliance on IT means that firms should place increased emphasis on their internal security systems," he added.
For more on the FBI indictment of a former Web 2.0 company CEO:
http://preview.tinyurl.com/yhuft9v