Data security lessons from Russian spy ring
July 9, 2010 by Sam NarisiPosted in: In this week's e-newsletter, Latest News & Views, Security
You’d think a gang of spies would know a lot about document security — after all, it’s their job to exploit security holes to gain access to sensitive info. But it turns they make many of the same mistakes as your company’s users.
While looking into the Russian ring accused of spying on the U.S., federal investigators found the gang had plenty of security holes of their own — and their lack of IT support and know-how has been a big help in the feds’ investigation.
Among the errors:
- A lack of an effective password policy — One of the alleged spies used a disk protected with a strong, 27-character password to hold confidential documents — but left it written down on a Post-It note stuck to the computer, which officers found when they searched the suspect’s home, Network World reports.
- No network security – Another suspect regularly used unsecured public wireless networks to communicate with Russian government officials. U.S. agents tracked the spy and saw her using the free WiFi offered in book stores and coffee shops.
- Poor help desk support — Some laptops used by the gang took months to troubleshoot, and one spy was so frustrated with her computer that she turned it over to an undercover U.S. agent who promised he could repair it.
DocuCrunch.com delivers the latest IT and Imaging news once a week to the inboxes of over 200,000 IT and Imaging professionals.
Click here to sign up and start your FREE subscription to DocuCrunch!
Tags: passwords, Russia, security policies, spies
Loading ...
