Sophos Cloud Optix
Imagine you’re giving a presentation to the board of directors at your company. You have your PowerPoint slides all ready, you’re projecting onto a 64 inch screen… what could possibly go wrong?
Well, what would you do if your carefully composed presentation was replaced on the big screen by images of a naked woman? My guess is that you wouldn’t know where to put your laser pointer..
52-year-old Walter Powell used to be an IT manager at Baltimore Substance Abuse System Inc, until he was fired in 2009. Clearly someone who believed that revenge should be served red hot, Powell used his computer knowledge to hack into his former employer’s systems from his home and install keylogging software to steal passwords.
On one occasion, Powell took remote control of his former CEO’s PowerPoint presentation to the board of directors, and projected pornographic images on the 64 inch TV.
According to media reports, Judge M. Brooke Murdock gave Powell a two year suspended sentence, and ordered him to 100 hours of community service and three years’ probation.
Cases like this underline the importance of having a proper process in place when staff leave your company. That means changing passwords, and removing access rights when an employee’s time at your firm comes to an end.
People do, of course, leave jobs all the time and most of them would never dream of logging back in to their old place of work to cause trouble. But it only takes one disaffected former worker to wreak havoc – so make sure your defences are in place, and that only authorised users can access your sensitive systems.
Having said that the IT Manager should know the system very well including any potential weak spots, if he knew he was for the chop he could have created a few to allow himself access even after company procedures.
So no one fell asleep during this presentation? 🙂
Exactly Richard. As I just found out on Sunday 🙁
Naked Security 😉
Anti-conventional hijack. =O
How would changing passwords have helped in this case? Unless I read it wrong, he used a software keylogger to get the passwords. Change them and he can just steal the new ones, right? It doesn't even matter how "good" a password you use.
Every time I read one of these I wonder at how in the world it occurred to someone to break in and do something like this. I guess what I'm saying is that I'm more than technically capable of doing what this guy did, but I lack the ability to think up something like this. Now that you've put the idea in my head I can see very clearly how it might be accomplished, but I could never think up the idea. I guess I'm saying I am really proficient at the HOW of these things, but the what and why–not so much.
He presumably needed some way to authenticate himself when he first planted the keyloggers remotely (to steal further password information)
Unless he emailed the file to the CEO, believing that they would be dumb enough to launch the file themselves. He could have easily of taken advantage of the social engineering aspect.
good work. managers need to be shot!
Hahah! Love it! Just goes to show ya not to shit in your own back yard.
Worth it 🙂
Is any computer safe? Is any employee trustworthy?
I think just not mistreating your employees is good enough. At my old work place, for someone they laid off just before her lifetime insurance benefits were about to kick in, when she asked how they could do their job with conscience, they coldly replied: well someone has to do it. At another place, I was tempted to SQL inject the database because the manager was a d-bag.
He obviously had skillz and his former employer rankled him but good when they let him go. Not a good combination.
Personally, I applaud the ex-manager for doing it. I am 51-years old, and I was "fired" from a job similar to this for having a mild heart attack. Their insurance rates were going to shoot up, so they fired me about 2 months after my return, making all kinds of groundless excuses as to why I was being let go. I actually thought about wrecking havoc on their systems, but I've never knowingly broken the law, and I didn't want to start. I do give that manager a big high-five, though :D.
I feel for you man, and I'm sure I'd be awfully pissed too, but that's not the way to go about it.
If they fired you with groundless accusations, no documentation, and it was clear it was because of your health problems… that sounds like serious lawsuit territory.
you are an idiot. there is something called at will employment where an employer can fire you for any reason or no reason at all. maybe you are lucky enough to work in a union for a city job and are fortunate enough to get paid overtime for sitting on your ass and feel secure. but for the majority of us don't have that privelage especially in the tech industry.
except that if it's demonstrably health related … then "at will" or not … it's grounds for a lawsuit … it's health based discrimination and it's against the law in most states.
I feel for you man, had similar. Biker dropped a 600kg load on me from a forklift, was then pulled aside with management present and told "If we ever hear of this again we'll beat the shit out of you" 2 months off work and medical bills pilling up i tired to make a claim but between them and the insurance co, im not sure whos the biggest crook. Needless to say they came good on their word but was also stabbed.
Since then ive been retaining and earned 2 diplomas in engineering, this week went for one of the jobs i've long lusted after but after the legal team done their discovery decided the liability was to high with an existing condition.
Now im not sure where to go or what to do im under 30. I most certainly have the IT Skills to do this if not worse but my moral integrity precludes me. Worse is i have detailed explosives knowledge, Its a good thing im one of the good guys i guess.
"defenses"
British publication, British spelling.
Seriously, its not even worth it. if I’m reading the image correctly he was sentenced to 2years in jail. If he was that good of a “hacker” he wouldn’t have come in from his home ip (as stated). He should have piggy backed on other machines that he may have compromised in order to cover his tracks. Even doing it from a library would have been a better option.
it was 2yrs suspended sentence for time served
Where's the fun if they don't know its you? He was trying to make a point
That is freaking awesome. Wish I had been the one to do it. Now I just have to think up something even better to do.
When will we be able to download the "improved" presentation? I want to see it! Maybe that fired IT guy can provide a copy on here (or WikiLeaks)?
next time, goatse!
pics or it didn't happen
Changing passwords?
What about a "correct procedure" to fire people – one that will leave them without resentment?
It would also be very interesting WHY he was fired in the first place. That might explain some special hatred for the CEO perhaps …
And after all, maybe he thinks it's been worthwile, even doing 2 years community service.
I'd also like to know why he was fired
in my day we used to say: "Once root, always root"
He had it coming. I'm glad Powell only received a light sentence.
And in the end, everyone ALWAYS gets caught. So, I'd ask him, was it worth it?
lol, you would think he would have been smart enough to mask his IP address.
Terminal services and poor judgment.
Just a little insight into the maturity level of embittered ex-employees.
I've seen similar things happen, and I can't agree more … change all that important info!
Hero. That is all.
My guess is he wanted them to know who did it and he didn’t care about the consequences. OR like all people who are really, really angry, he didn’t think they would successfully prosecute him because his anger blinded him to reality.
Granted, this story makes zero mention of the investigation or how Powell was eventually caught, but what kind of "IT manager" in this day and age doesn't know what a proxy is?
One that manages to get himself fired from said position, apparently.
You're giving most IT managers way too much credit. Very few IT managers I've worked with over the last 15 years would have a clue how to do this. Most of them are "MS Office" pros, can work a calendar and a smart phone and that's about it. CIO's and CEO's are even worse…
"Cases like this underline the importance of having a proper process in place when staff leave your company. That means changing passwords, and removing access rights when an employee's time at your firm comes to an end."
However, you first must make them bitter, ignore their problems, don't give them a good package when leaving… But hire a security consultant to sell you a technical solution to a human problem.
This is a good reason to do personality profiles on all new hires, and then also to treat everybody with respect. As a CEO I have to do the hated thing and fire someone occasionally. But this is always a last resort only after trying to fix the problem first. All firings have supportable misbehavior or poor performance well documented before we get to the point of firing. Truth is none of us need anymore enemies out there.
At the end of the day it’s all about having a good and secure AV Product in place.
This guy could have done worse!
Porn replacement is so fifteen years ago. More fun to use the webcam to view the presentation and presenter, then project overlays like “It’s all lies! Oh the humanity!” when their back was turned
Passwords can help but validation should be done after employee has left to ensure logical access are deleted