Threat
Adrian Lamo is a former computer hacker, his crimes took place in 2002, up until then he would try to break into computer systems of major companies such as Worldcom in order to help them fortify their own systems.. But in February 2002 he illegally broke in to the computer network of the New York Times through a wrongly configured proxy server. He then threatened the security of personal information of high profile associates of the Sunday Times as he added his name to their internal database and conducted his own research. He was able to do this as one of the employees who had the authority to create new accounts had not changed their password from the company default. The validity of the Sunday Times data was also jeopardized as Lamo accessed and modified confidential databases.
Impact
Employees and 3,000 contributors at the Sunday Times were negatively affected as personal information was given out about them, Information such as their names and social security numbers were viewed. This means that the risk and chance of their identities being stolen became very high. Other information taken was logs of customer home delivers, lists of business contacts and a series of passwords. All of this meant that the Sunday Times came in for heavy criticism as all of this information was taken because of their weak password system. That in turn meant the contacts whose identities were revealed lost a lot of trust in the Sunday Times and they ultimately lost business.
Resolution
After a 15 month investigation by the prosecutors in New York Lamo was tracked down and surrendered to the FBI on September 11th 2003. He pleaded guilty to one count of computer crimes against Microsoft, LexisNexis and The New York Times. He was sentenced to 6 months detention in his parents house, during this time he had limited access to computers and all emails were monitored by probation officers, he was also sentenced to 2 years probation and fined $64,900. As a result the Sunday Times strongly tightened up their security systems. Lamo is no longer a hacker and in 2010 he proved his hacking days are behind him because he reported a former soldier to the authorities for leaking secret US documents to the website Wikileaks.
References
http://www.computerworld.com/s/article/94600/_i_New_York_Times_i_hacker_Adrian_Lamo_gets_home_detention
http://www.geek.com/news/adrian-lamo-hacks-new-york-times-548405/
No comments:
Post a Comment