What are Our Co-workers Doing on the Net?
8e6 has a report here that should provide all of us in security an amusing insight into what our co-workers are doing on the internet.
Apparently, they ran a contest to see who had the most egregious uses of the internet discovered by co-workers and employees. The report is about funny to read, the really sad part is that I have been involved in a lot of these kinds of things as the principle investigator or just support for the investigation. Happy humor for this Saturday morning.
Reselling corporate bandwidth?
One employee had corporate-provided Internet access at home and added a simple wireless router and switches to resell Internet access to his neighbors.
Another rogue employee set up wireless routers throughout the office; opening up security holes throughout the network.
One employee had downloaded a huge amount of prohibited content such as videos, MP3 files and movies to his workstation. He then set up an internal media server to the rest of the company in order to “save” bandwidth.
Another employee brought in his personal laptop, plugged it into the government network and was running a personal auction site selling government property.
One employee used the corporate network to give his family and friends access to the company IP PBX so they could make free Internet phone calls overseas.
Yet another employee was using a workstation to participate in an illegal movie distribution ring.
You have to admire the ingenuity of folks who this, the good part is that rogue wireless nodes and other nodes are fairly easy to discover. Still fairly amazing in the longer run that the employee did not plan on getting caught.
Porn at Work – these are the top going to get the company in trouble if discovered:
One employee was using company bandwidth to run his own porn site from the office.
Not only was the employee using corporate resources, but after hours he would sneak models into the office and have them pose on the office furniture, including his boss’s office!
A male employee closed his door to run his personal online live sex show during work hours.
Another male employee was discovered putting up nude photos of himself. The employee was 5’5″ and over 400 pounds!
An executive at one organization was downloading and viewing an offensive Web site and complained to the IT administrator that it was taking too long.
One employee was surfing porn Web sites, downloading pictures and then forwarding them to his colleagues.
This is the kind of activity that should make most legal, security and system admins cringe when they read this one, or otherwise re live happy memories of when they were busy busting these people. Although at this point, the live sex server or porn server at work has been told so often its probably part of the corporate mythos now, we all know that story too well.
Enjoy the article, I fell over laughing and its well worth the read.
Dan Morrill has been in the information security field for 18 years, both
civilian and military, and is currently working on his Doctor of Management.
Dan shares his insights on the important security issues of today through
his blog, Managing
Intellectual Property & IT Security, and is an active participant in the
ITtoolbox blogging community.