Information Security News mailing list archives

Re: Hacker hits Duke system


From: InfoSec News <isn () c4i org>
Date: Mon, 6 Jun 2005 11:22:12 -0500 (CDT)

Forwarded from: Mark Bernard <Mark.Bernard () TechSecure ca>

Dear Associates,

FYI... if the hacker picked off employee information, which is likely
better protected than the master database, then what about clinical
patient records? I don't buy the story that those systems weren't
touched. Most of these systems are networked together and, if anything,
mainstream data used by most organizations is more readily available
than executive salary information.

As hackers get smarter you can bet that they'll target more of the
identity management systems such as Microsoft's Active Directory and
Kerberos with its known weaknesses. Lots of people use the same user
IDs and passwords for both work and personal systems. So although the
hackers may get no further with Duke, they might start testing online
banking systems or other such systems with their newfound illegal
information assets.

Furthermore, aggregated data found on public systems such as Monster
and Workopolis may help to further refine potential targets of
economic opportunity from these illegally newfound assets.

Best regards,
Mark.


Mark E. S. Bernard, CISM, CISSP, PM,
Principal, Risk Management Services,

e-mail: Mark.Bernard () TechSecure ca
Web: http://www.TechSecure.ca
Phone: (506) 325-0444


Leadership Quotes by Kenneth Blanchard: "The key to successful leadership 
today is influence, not authority."


----- Original Message ----- 
From: "InfoSec News" <isn () c4i org>
To: <isn () attrition org>
Sent: Saturday, June 04, 2005 3:23 PM
Subject: [ISN] Hacker hits Duke system


http://newsobserver.com/business/story/2471894p-8875992c.html

By JEAN P. FISHER
Staff Writer
Jun 4, 2005

A hacker broke into the Duke University Medical Center computer system
last week, stealing thousands of passwords and fragments of Social
Security numbers, Duke officials said Friday.

Duke is notifying about 14,000 people, roughly 10,000 of whom are
medical center employees, that their information may have been
compromised and is advising people to change passwords if they use the
same one for multiple purposes.

Other individuals affected include alumni of the Duke University
School of Medicine, physicians and other clinicians who registered
online for some types of continuing medical education at Duke and
others who accessed certain Web pages maintained by the medical
school.

The incident is the latest in a series of security breaches nationally
at banks and other major organizations that store personal
information. This is one of the largest yet to hit the Triangle.





