Not An Isolated Incident

By Lawrence Walsh  |  Posted 2008-01-28

Jerome Kerviel’s fraudulent activity cost the French bank $7.2 billion and reminds us all that technology isn’t always the solution to preventing major security breaches.


Sadly, this isn’t an isolated incident. According to the 2007 Computer Security Institute survey, roughly six in 10 enterprises reported a security breach by inside users. Enterprises stood a better chance of suffering an insider attack than having computers and networks compromised by viruses and worms, according to the survey.

Insider attacks have long been the more dangerous and destructive attacks, since the users’ trusted access makes them difficult to detect and prevent. Prior to regulations such as Sarbanes-Oxley and California’s SB 1386, few insider breaches were reported since they were just as easily covered up. Kerviel may go down as the most financially devastating to date, since the discovery of his fraud has put Societe Generale on the verge of ruin and sparked market sell-offs around the world, but consider some other trusted insiders and the damage they caused.

  • Timothy Lloyd (1996):  Knowing that he was on the verge of being fired from his job at Omega Engineering in New Jersey, Lloyd used his programming skills and access as one of the company’s network administrators to plant a logic bomb. Three weeks after he was terminated, the bomb wiped the databases clean and cost the company $10 million in lost revenue. Omega Engineering eventually went out of business because it couldn’t recover from the loss.
  • Robert Hanssen (2001): The disgraced FBI agent—passed over several times for promotion—used his expert knowledge and access to steal counter-espionage and foreign intelligence data to sell to the Russians. The full extent of the damage he caused to national security over two decades may never be known, but the information he leaked did cost the lives of foreign operatives whose identities were compromised.
  • Certegy “anonymous” database admin (2007): Details of this case are still sketchy more than six months after coming to light, but a database administrator charged with controlling access to check-cashing transaction data used his inside knowledge to steal bank account numbers and submit his own transactions. More than 8.5 million bank and credit card accounts were compromised.

Yes, enterprises should implement security controls and monitor user activity for inappropriate and prohibited behavior. Yes, enterprises should have defined segmentation and separation of duties for their employees to ensure no one user can gain access to all digital jewels. And yes, enterprises should routinely audit user accounts to ensure policy compliance.

And despite these precautions, the trusted insider will remain the most dangerous threat to enterprise security. No matter the security precautions taken, the Societe Generale/Kerviel case proves once again that no amount of technology will stop a person whom you trust with your company’s digital and financial assets.

Lawrence M. Walsh is editor of Baseline Magazine and a noted security journalist. Share your thoughts on insider threats and trusted users turned hackers at lawrence.walsh@ziffdavisenterprise.com.

Lawrence Walsh is editor of Baseline magazine, overseeing print and online editorial content and the strategic direction of the publication. He is also a regular columnist for Ziff Davis Enterprise's Channel Insider. Mr. Walsh is well versed in IT technology and issues, and he is an expert in IT security technologies and policies, managed services, business intelligence software and IT reseller channels. An award-winning journalist, Mr. Walsh has served as editor of CMP Technology's VARBusiness and GovernmentVAR magazines, and TechTarget's Information Security magazine. He has written hundreds of articles, analyses and commentaries on the development of reseller businesses, the IT marketplace and managed services, as well as information security policy, strategy and technology. Prior to his magazine career, Mr. Walsh was a newspaper editor and reporter, having held editorial positions at the Boston Globe, MetroWest Daily News, Brockton Enterprise and Community Newspaper Company.
