Safe at home

Protecting data outside the corporate firewall is no longer an option, it's a must-have security feature.


You Can't Detect What You Can't See: Illuminating the Entire Kill Chain

On-Demand Webinar

(Page 1 of 3)

It could have been a scene from Poltergeist. Only instead of angry ghosts invading a television screen, an unidentified intruder took control of a networked computer and rendered it almost useless.

It was the middle of the night in May 1999 when a computer hacker infiltrated the PC of Jim Jarrard, president of Cinema Networks Inc. (cinenet.com), a film and stock footage library in Simi Valley, Calif. The intruder had sniffed out Jarrard's IP address, gained access to his hard drive over his digital subscriber line (DSL) connection, and began downloading a piece of file transfer protocol (FTP) software onto Jarrard's machine.

Once installed, the software would allow the hacker to index Jarrard's hard drive and to steal whatever he found, including the lifeblood of Jarrard's company: the digitized cinemagraphic images Cinema Networks licenses to TV companies, ad agencies, Web designers, and film makers. Among these images are ocean scenes for some Barbie doll packaging and clouds for a Chevy Tahoe advertisement.

Fortunately for Jarrard, his computer crashed while the hacker was going about his nefarious business. The crash froze the PC, leaving evidence of the intrusion right on the screen for Jarrard to find the next morning. "Unfortunately for us, however, the installation of the FTP software was successful enough that we couldn't find and remove all traces of it," recalls Jarrard.

The hacker, who had stolen the software and deleted the serial number, had modified the program to allow it to be installed in several obscure places on his target's hard drive. The standard "uninstall" command was useless. As a result, the possibility that the hacker--who was never apprehended--could return on the sly at any time and peruse his hard disk hung over Jarrard's head.

Jarrard spent days on the telephone with the FTP software manufacturer trying to find a solution. "I would be talking to a technician on the telephone, and he'd be saying, 'Yup, I can see your c: drive, and here are the names of your files.' It was scary," Jarrard says. "In the end, we just had to go ahead and reformat the entire drive."

At a Glance

Dynamic Solutions Group

The company: Dynamic Solutions Group is an Edmonton, Alberta, Canada-based IT consulting and services firm with 115 widely dispersed associates.

The problem: Keeping data secure amongst all the telecommuters.

The solution: Install personal firewall software and anti-virus programs and institute stringent e-mail policies.
High price to pay

While it is difficult for Jarrard to estimate the financial impact of the hacker's work, his company spent two weeks making calls, doing research, and working with technical support people to determine how to uninstall the FTP software. Hoping to avoid a repeat invasion, Cinema Networks also asked developers at the third-party FTP software firm to try and gain unauthorized access to its system.

Next, the company spent a day backing up its data, and another two days reinstalling software and reconfiguring the system. Finally, Cinema Networks spent several days researching firewall technology, a headache-causing experience due to incompatibilities between at least one firewall solution and the shared DSL software it was using.

Soon after going through this labor-intensive process Jarrard purchased and installed Sybergen Secure Desktop (formerly SyShield), a $29 personal firewall software program from Sybergen Networks Inc., of Fremont, Calif. Next, he mandated that all company computers connected to the Internet via DSL or cable modems be equipped with firewall protection.

Page 1 of 3

1 2 3
Next Page

Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.