Category Archives: Security Scout

The Simplest, Cheapest, and Most Effective Disaster Recovery Plan Ever

disaster-recovery-planAbout a decade ago, I personally witnessed the handover of the simplest, cheapest, and most effective disaster recover plan ever.

Let me first give you a little background….

I worked for a great IT director, who moved to another company, much bigger, and brought me with him.

In the new company, he again was responsible for all IT, and he brought me along to manage security and disaster recovery.

If I named this company, at least 25% of you would recognize it, even those of you around the world–true story, too.

Continue reading

6 Comments

Filed under Case Files, Humor/Irony, Security, Security Scout, Technology

Library: Never the Twain Shall Meet

cardCatalogDuring a recent visit to a library near you, I was trying to find a book via the online card catalog.

[I remember when card catalogs were on actual cards, in drawers, like the one pictured. Yikes!]

I was trying to find a book by someone who runs an analytics blog that I frequent, but I couldn’t remember the guy’s last name.

Continue reading

2 Comments

Filed under Security, Security Scout, Technology

Don’t Use GRC app to do Workpapers!

eat internal audit dog foodI consulted with a company that implemented a new GRC package, and unfortunately they are using an application designed for GRC to do audit workpapers.

That wasn’t the only move that was questionable…

Continue reading

11 Comments

Filed under Audit, Security, Security Scout, Technology

Security Failure: Empty Your Garage

garage openerWhen I was visiting a friend, she told me that her garage door opener no longer worked. For once, I did not suspect to find any security failures.

Occasionally, I am wrong.

Continue reading

3 Comments

Filed under Security Scout, Technology

Data Center Failure: Conclusion

conclusion: sad faces

In previous posts, I described how I gained access to the data center area and then the data center proper.

I had bypassed door #1 and door #2.

My new colleagues were not happy.

Continue reading

Leave a comment

Filed under Case Files, Security, Security Scout

Data Center Failure: Going Behind Door #2

drop ceilingIn my previous post, I described a data center failure that I discovered as the newly hired security manager of a prominent company.

In this post, I describe my next adventure.

NOTE: Some of the details below were changed a bit to protect the guilty. I tweaked their noses enough. :)

Continue reading

1 Comment

Filed under Case Files, Security, Security Scout

Data Center Failure

Data Center FailureOne company I worked at had a sad data center failure, and I’m not talking a power outage or a fire or theft.

When I arrived at this company, it had no security department. Few security processes. Little security.

And the company also made two interesting mistakes when it hired me.

Continue reading

2 Comments

Filed under Audit, Case Files, Security, Security Scout

Security Failure: Empty Your Drawers

empty your drawersI was visiting a dear friend recently when I happened upon a security failure.

My friend lives in an upscale, assisted living facility and recently had thousands of dollars withdrawn from her accounts via ATM.

Continue reading

3 Comments

Filed under Security, Security Scout

UnNeighborly Security

Hack me now!I recently ran into some unneighborly security. It happens all the time to those of us who know how to build, upgrade, secure, and troubleshoot hardware and software.

I’m over at my neighbor’s house and he says, “Hey, you work with computers, so can you take a look at mine?”

There goes the afternoon.

Continue reading

4 Comments

Filed under Security, Security Scout, Technology

If Your Password Disappears, Look 4 it

If you enter a password into a login box and your password disappears, look for it!

I’m serious, because it happened again today. Not to me, but to my colleague.

Continue reading

Leave a comment

Filed under Security, Security Scout

Why U Should Question Security Questions

Capital letters, security questionsEvery once in a while I question security controls, and the latest one I questioned was security questions.

I’m talking about those questions that financial sites like banking and credit card sites ask you when you log in. Not the ones used to reset your password (although this post applies to them too).

No, this won’t be a rant about the stupid questions that sites give you to chose from, such as your mother’s maiden name or what is your favorite color. I gave up questioning those issues long ago.

Continue reading

Leave a comment

Filed under Security, Security Scout

Library Checkout: Touch Screen, Lose Password

touch screen, lose passwordA library near me implemented self-checkout stations that use touch screens that make it easy to lose your password.

Those of you who’ve been around might remember I have written before about libraries and how I’ve found questionable security.

So how do you lose your password?

Continue reading

2 Comments

Filed under Security, Security Scout, Technology

NFL Sprinkler Interruption a Hack?

NFL sprinkler hack mask

NFL sprinkler hack?

When the sprinkler system caused an interruption of the Miami-Seattle NFL game on Sunday, November 25, no one called it a hack. Neither am I.

But if you heard about the event prior to reading this, did it cross your mind that it could have been a hack? What about other unusual events?

If not, and you’re an IT auditor or a security pro, you should at least consider such things, at least briefly. If not, you might want to check your professional skepticism sensor.

Continue reading

2 Comments

Filed under Security, Security Scout

Internal Attacker Detected: Conclusion

Minutes later, one of the security techs met me at Lynn’s cube with a box that we quickly filled with the contents of her desk: files, CDs, DVDs, notedpads, books, etc. The other help desk analysts in adjacent cubes looked at us with silent questions on their faces.

I noticed that one of them was a new employee that had attended my security presentation in employee orientation last week, so he knew who I was. That meant rumors would spread quickly. While I never enjoyed walkouts, they reminded the staff that security incidents have consequences.

This is a multi-part series. See Internal Attacker Detected: Part 1, Internal Attacker Detected: Part 2, and Internal Attacker Detected: Part 3.

Others on my team had already imaged the old computer and had started imaging the new one across the network as soon as my meeting with Lynn began (by design, she was not told of the meeting beforehand). Both images would be sent off to the Forensics team.

Continue reading

9 Comments

Filed under Case Files, Security, Security Scout

Internal Attacker Detected: Part 3

Tim said, “Mack, like you suggested, I connected to her new PC over the network and searched her hard drive for the hacker tools–they’re back, plus a few new ones. And her antivirus is turned off again.”

This is a multi-part series. See Internal Attacker Detected: Part 1 and Internal Attacker Detected: Part 2.

After discussing my action plan with the CIO, Legal, and Human Resources, I met with the contractor’s manager, Sue, and explained the situation. Both the hacking tools and turning off a security service were serious violations of security policy. I had recommended the person be walked out and told her that the CIO, Legal, and HR agreed.

Continue reading

4 Comments

Filed under Case Files, Security, Security Scout

Internal Attacker Detected: Part 2

Two days later, I walked up to the well organized desk of Tim, the malware tech that told me about the hacking tools that he’d found on a contractor’s PC.

“Tim, did you find any bear paw in the trap we set?”

This is a multi-part series. See Internal Attacker Detected: Part 1.

Tim turned around, and I could immediately tell he was not happy. His jaw was tight, his hair was clumped, and his blurry eyes told that he had not been to bed in the past 24 hours.

Continue reading

2 Comments

Filed under Case Files, Security, Security Scout

Internal Attacker Detected: Part 1

A while back when I worked in IT security, an internal attacker popped up on our radar…

I answered the phone and heard a tech from the anti-malware team say, “I think we have a problem, Mack. Got some time to come down and see what I found?”

Continue reading

3 Comments

Filed under Case Files, Security, Security Scout

Out-of-Office Reply Tells All

I checked my personal email account and found I had 3 out-of-office replies from people who obviously belonged to the same organization. However, I had never emailed any of them.

At first I thought they were some kind of a malware emails, but they were text only and contained no links. So I just left them in my email box and wondered about them every time I saw them. Then I figured it out.

Continue reading

4 Comments

Filed under Blogging, Security, Security Scout

Pathethic Password Help Pages

I found some really pathetic password help pages on a company’s intranet while I was there visiting.

This is a large company that most people would recognize, and it is subject to plenty of government regulations. Overall, I’ve heard the security is pretty tight, but since I’ve never worked there, I can’t speak from experience. Except, that is, the experience I mentioned in an earlier post, Randomly Generate Weak Passwords. Perhaps all their security is what Bruce Schneier likes to call “security theater.”

Continue reading

2 Comments

Filed under Audit, Humor/Irony, Security, Security Scout

Searching for Secrets

I was visiting a friend at large, public company doing some benchmarking when we had to schedule several meetings with IT to gather data. My friend “Meako” starting entering attendees into his online calendar to see whether we could get some important meetings scheduled during the next week.

Continue reading

1 Comment

Filed under Audit, How to..., Security, Security Scout

Randomly Generate Weak Passwords

I was at a client’s site looking for more contract work when the manager of the department started telling me about their great IT security website on their Intranet. She clicks on their random generator password page and shows me how you can generate a block of “approved” passwords, sanctioned by their security department. At the top of the page, a banner read: Select a Strong Password!

Continue reading

4 Comments

Filed under Humor/Irony, Security, Security Scout

Bank No Longer Invites Hackers In

Remember the Security Scout adventure where I roamed the basement of a major bank and found questionable security issues? If you missed it or need a refresher, read Major Bank Invites Hackers In?

Guess what happened at the bank?

Continue reading

2 Comments

Filed under Audit, Security, Security Scout

Free Firewall Password (Just Ask)

A couple of weeks into a new job, I was told that I was now in charge of the Internet firewall. I suddenly realized I had two major problems:

  1. I did not know squat about firewalls.
  2. I did not know the firewall password.

Continue reading

1 Comment

Filed under Security, Security Scout

Pwd on the Wall 2

My last post, Password, Password on the Wall, triggered a memory of another password issue I stumbled upon some time ago.

I had flown across the country to help a fellow system administrator upgrade some of his applications. At one point, we left the data center and ventured out to the factory floor to fix a botched client software installation.

Continue reading

Leave a comment

Filed under Security, Security Scout

Password, Password on the Wall

After a friend bought me lunch today, he showed me around his work place. During our walk, we stopped at the IT workbench area to see if the laptop he ordered for a new employee would be ready by Monday (I tagged along).

Continue reading

Leave a comment

Filed under Security Scout

Truck Blocks Parking Ramp Exit

A friend of mine noticed a truck blocking the exit of the parking ramp where he works, which is a big, international company. Since he was just arriving for the morning, it didn’t seem to matter, but a red light started to blink slowly in the back of his brain.

Continue reading

Leave a comment

Filed under Security, Security Scout

Major Bank Invites Hackers In?

A short while back, I attended a meeting in the basement of a branch of a major, national bank. The bank didn’t know whether I was a hacker or not, but I was allowed in (kind of invited) anyway.
Continue reading

Leave a comment

Filed under Audit, Security, Security Scout

Do Your Security Cameras Give Good Customer Service?

I went to Menards, the home improvement store, and received great customer service, compliments of the security cameras. I also bought too much stuff. Not only did I buy too much, I didn’t make it home with everything I paid for.

Continue reading

1 Comment

Filed under Security, Security Scout