Monday, July 13, 2009

Yet another example of the trusted insider threat against intellectual property.

In the days before his June 5 resignation from Goldman Sachs, Aleynikov copied, encrypted and transferred approximately 32MB of proprietary code to a server located in Germany, the FBI claimed
Exfiltration is a difficult threat to address. You can try to prevent it by limiting outbound protocols and connectivity. But covert channels are always possible, even something as simple as uploading using a protocol other than HTTP running over port 80/tcp.

Detection may be possible if you have a device that can detect proprietary keywords. A proxy server requiring authentication and providing adequate logging can facilitate incident response: determining the extent of the incident and finding the culprit.

I deduce that Goldman Sachs is either lucky or has a pretty good start on solving this problem.
Aleynikov resigned to take a job with a new company "that intended to engage in high-volume automated trading," for triple his $400,000 salary, the complaint said.
...he was allegedly a vice president of equity strategy.
The reality is, the higher you go up the executive chain, usually the harder it is to enforce rules. That's another reason that security programs are only successful when the CEO and board want it, demand it, and make sure they get it.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.