Late one Friday night, I got a phone call from a longtime buddy who worked as a chief engineer for a big countrywide construction company. Calls from him were predictable: either his workstation was giving him a hard time or a weekend expedition was being considered. This call, however, started quite differently from the usual. He admitted that he somehow had a feeling he had been hacked: his hard disk showed significant activity even in the dead of night, and the recently installed McAfee was logging a notable amount of unknown traffic. I knew he used a cable modem and a VPN to work from his residence, either at night or during the daytime, to avoid traffic and the usual office interruptions. I was also aware that he used Windows XP as his operating system and a standard set of programs to do his job. Additionally, his system was always powered on, and why not when you have a broadband package with unlimited transfer within 512 kbps?
Completely convinced that he had been attacked, I told him not to lay a hand on the workstation and to start a sniffer on an additional notebook on his home connection to find out what could be seen on the wire. Within a few minutes, communications were taking place between his notebook and an Internet-based host. After looking at the traffic, it was apparent beyond doubt that someone was accessing his system! I immediately told him to unplug the Ethernet cable from the cable modem and asked how serious the issue might be; in other words, what was on the box that someone would want or be thankful for getting.
After a brief conversation, it appeared that the hacker was accessing all the tender documents used for building projects all over India, most of them covered with logos, competition analysis, schedules, and cost projections. It was my friend’s duty to pull together this information and assess it for quality control and engineering issues. Further discussion led to his assertion that he knew when he had previously accessed the data, based on his work routine and general recollection. It was at this point that he told me he had been experiencing this sort of behavior for quite some time but didn’t want to bother anyone without any confirmation. He wanted to install a good anti-virus program.
I discovered an old, widely popular trojan with unsophisticated plugins, which led me to believe that the incident might not be intentional and that his system had been infected accidentally. We then went on to verify when the files were accessed; many had been accessed during the night quite a few weeks earlier. Further investigation turned up hidden directories and questionable e-mails he had acknowledged some time back. What’s more, many other files had also been accessed on the company’s network, which my friend was logged into using the same VPN. The complete phone conversation lasted more or less three hours. I know for sure that his call with the director was even scarier and lasted much longer. But was it his fault? His company provided him the Internet connection and the VPN software, and access from his residence was encouraged. He wanted access to the Internet, and he typically got more work done at home than at the office headquarters. However, an unknown assailant on the Internet, who may well have been a sophisticated attacker or a script kiddie who stumbled into a pot of gold, accessed tremendously sensitive data over a long time.
Key Idea: A VPN provides you with a secured form of communication; however, if the endpoints are somehow compromised (which is more likely), the whole security of the VPN is in vain! The security of individual workstations and notebooks is equally important to reap the full benefits of a VPN.

1 comment:
Creating secure VPN tunnels should not simply be a reaction to a possible epidemic. Instead organizations should consider what their goals are around creating a connected work policy and then use the right technology to support their goals.