
	Home > Security Tips > Compliance Counselor > How most compromises are made

Security Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

COMPLIANCE COUNSELOR

How most compromises are made

Arjen De Landgraaf
08.28.2001
Rating: -4.22- (out of 5) Hall of fame tip of the month winner

Digg This!

StumbleUpon

Del.icio.us

How most compromises are made

This tip was submitted to the searchSecurity Tip Exchange by user Arjen de Landgraaf. Let other users know how useful it is by rating the tip below.

In New Zealand, we find that most serious compromises are still caused by contractors and third parties throwing away draft instruction manuals, development notes, etc. with user-IDs and passwords in them.

It is a hobby of hackers to steal the paper rubbish in the middle of the night. Hackers trace the rubbish deposit locations of firms, check the security guard timing, jump over the fence, chuck the bags over and take them home to "dig for gold."

Breaches made through a seemingly "legitimate" access using valid IDs and passwords are almost impossible to detect. A number of large corporate systems in final development stage have recently been compromised this way, where hackers leave Trojans embedded in the final code. This allows them to return into the systems when released for production.

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member.

BROWSE BY TAG

Compliance Counselor, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Compliance Counselor
	Benefits of ISO 27001 and ISO 27002 certification for your enterprise
	Identity lifecycle management for security and compliance
	Interpreting 'risk' in the Massachusetts data protection law
	FTC Red Flags Rules: How to create an identity theft prevention plan
	Creating a HIPAA employee training program
	Data protection tips for corporate compliance leaders
	PCI DSS compliance requirements: Ensuring data integrity
	Understanding PCI DSS compliance requirements for log management
	Are 'strong authentication' methods strong enough for compliance?
	Strategies for using technology to enable automated compliance

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Research Solutions for Network Security, Access Control and Security Threats

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy