What Can We Learn From This Story?   2 comments

Headline: Angry Employee Deletes All of Company’s Data, from foxnews.com

There’s actually quite a few interesting security and systems lessons in this one article. Quoting here:

When Marie Lupe Cooley, 41, of Jacksonville, Fla., saw a help-wanted ad in the newspaper for a position that looked suspiciously like her current job — and with her boss’s phone number listed — she assumed she was about to be fired. So, police say, she went to the architectural office where she works late Sunday night and erased 7 years’ worth of drawings and blueprints, estimated to be worth $2.5 million.

It didn’t take Steven Hutchins, owner of the architectural firm that bears his name, much time to figure out who’d done it — Cooley was the only other person who had full access to the files.

Hutchins told one TV station he’d managed to recover all the files using an expensive data-recovery service.

As for the job, Cooley originally wasn’t in danger of losing it. The ad was for Hutchins’ wife’s company.

The first lesson here is that you should never have only one copy of $2.5 million dollars worth of anything. The second lesson is that at some point, project drawings (or whatever your data happens to be) should be archived into a read-only state, which would have limited her ability to only messing with the firm’s current projects. The third lesson is that certain types of behavior can’t be easily restricted with simple negative consequences. Surely Ms. Cooley, if she had been thinking rationally, would have known that she was going to be caught out for this, which implies either she was so angry at the thought of being fired she was acting irrationally, or her idea of the consequence (“Well, all he could do is fire me anyway”) didn’t match the reality (she’s most likely going to be convicted of a crime for this, which will make it pretty much impossible for her to get any sort of real paycheck for the remainder of her working life).

But the real lesson is that it is actually hidden behind all that. It is very difficult to protect yourself from an insider attack, particularly at a small company. If you have a limited number of people you can trust, you’re going to wind up trusting some of them implicitly. Even if Hutchins’s architectural firm had taken steps to help prevent this sort of thing from happening, it’s likely that Ms. Cooley would have been able to seriously bollix up the works anyway if she was determined enough. Read-only media can help cut down the risk, but if someone had physical access there’s nothing to prevent them from taking a fire axe to the disk (or tapes or DVDs or whatever media they might have used for archival purposes). A trusted insider with the right information could even arrange to get rid of offsite backups with a simple phone call (“Our server crashed and we need our offsite backup copies for a restore…”).



Posted January 29, 2008 by padraic2112 in news, security

2 responses to “What Can We Learn From This Story?

Subscribe to comments with RSS.

  1. Re: What can we learn.

    That fox news is biased towards the company’s side. Where have you been? They are ignoring the fact that the owner of the company used to break into this ladies house and kick her cat while she was working 112 hour weeks on a salaried postion at the poverty level. And of course, he was really going to fire her. Can’t believe you missed it! Certainly she was being rational, and trying to put a stop to this villian!

  2. Pingback: Encryption is not a magic lotion you can rub on your hardware and make it secure « Pat’s Daily Grind

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: