Sister CISA CISSP

Oct 9 2008   2:00PM GMT

Hardware? What Hardware?



Posted by: Arian Eigen Heald
Tags:
Hardware & InfoSec
Security

I came across a recent post from the Breach Blog reporting that a U.S. Naval Laboratory employee – the computer administrator – had stolen 19,709 pieces of computer equipment, worth up to $1.6 million.

Did no one see this guy carting hardware out the door? I’m not talking about the small stuff, I’m talking about the more than 100 personal computers. Doesn’t a Naval laboratory have cameras on the exits, and guards? I know it’s easy to have hindsight vision, but this seems like it should have tripped somebody’s awareness alarm.

We can also extrapolate that there was no inventory control of hardware, AND no financial oversight of hardware costs. This happened over the course of ten years, so maybe he was able to slide it in under the radar.

What about the information ON the hardware? The Navy says only 14 people were affected. Given the evidence of their controls so far, I’m not sure I have a high level of confidence. They had to go through hard drives, CDs, Zip drives and all those computers. I hope they did.

How was this discovered? He and his wife are divorcing, she filed a protection request, and told his bosses she wanted his “work stuff” out of the house. He had so much stuff, he was storing some of the equipment at a neighbor’s house.

1  Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Suzanne Wheeler
    I can't believe he's only facing 12-18 months in prison for this! That's a slap on the wrist. I should have started carrying hardware home from employers ages ago. Think of the value on eBay! (Oh yeah, that's why I didn't do it. Too traceable.) Storing it at a neighbor's? I'd never be allowed to accumulate that much stuff! His wife was far too lenient.
    360 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: