The coworker gets in trouble. He either voluntarily gave out his password, or left it written down somewhere that the guy who left could find, or picked one that was easy to guess.
John From: Wilhelm, Scott [mailto:swilh...@mcs.k12.ny.us] Sent: Friday, March 19, 2010 11:41 AM To: NT System Admin Issues Subject: RE: Made me chuckle In that case, would it be reasonable to reset everyone's passwords whenever someone leaves the company to prevent something like this from happening, or does the coworker get in trouble as well? Would definitely be a sticky issue. From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Friday, March 19, 2010 11:34 AM To: NT System Admin Issues Subject: RE: Made me chuckle Yeah, we've been discussing this one in an IT security class I'm taking in grad school. Lots of things went wrong here. Apparently the fired guy had a former coworker's password. And in addition to screwing with the cars, he did other things like placing thousands of dollars in orders under the company's name. John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.us From: Mike French [mailto:mike.fre...@theequitybank.com] Sent: Friday, March 19, 2010 11:34 AM To: NT System Admin Issues Subject: OT: Made me chuckle 46. March 17, Wired - (Texas) Hacker disables more than 100 cars remotely. More than 100 drivers in Austin, Texas found their cars disabled or the horns honking out of control, after an intruder ran amok in a web-based vehicle-immobilization system normally used to get the attention of consumers delinquent in their auto payments. Police with Austin's High Tech Crime Unit on March 17 arrested a 20-year-old who was a former Texas Auto Center employee who was laid off last month, and allegedly sought revenge by bricking the cars sold from the dealership's four Austin-area lots. The dealership used a system called Webtech Plus as an alternative to repossessing vehicles that haven't been paid for. Operated by Cleveland-based Pay Technologies, the system lets car dealers install a small black box under vehicle dashboards that responds to commands issued through a central website, and relayed over a wireless pager network. The dealer can disable a car's ignition system, or trigger the horn to begin honking, as a reminder that a payment is due. The system will not stop a running vehicle. Texas Auto Center began fielding complaints from baffled customers the last week in February, many of whom wound up missing work, calling tow trucks or disconnecting their batteries to stop the honking. The troubles stopped five days later, when Texas Auto Center reset the Webtech Plus passwords for all its employee accounts, says the manager of Texas Auto Center. Then police obtained access logs from Pay Technologies, and traced the saboteur's IP address to the suspect's AT&T internet service, according to a police affidavit filed in the case. Source: http://www.wired.com/threatlevel/2010/03/hacker-brickscars/? utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+wired/index +(Wired:+Index+3+(Top+Stories+2)) Mike French Network Engineer ~EQUITY BANK<http://www.theequitybank.com/> Office: 214.231.4565 mike.fre...@theequitybank.com<mailto:mike.fre...@theequitybank.com> "Evidently excellence in security by some security-centric vendors is defined as being the head of the class in a room filled with children without a propensity to learn." - Anonymous NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
