Irregular Expressions

Sep 22 2011   8:34PM GMT

Payroll hackers

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

This case a few good items from a incident handling side and a few more bad things.

This group used physical break and enters along with wireless penetration to get in to company’s to mess with the payroll.  Once in the system they stole identities, setup more back accounts with the employee’s and then gave raises.

They were even in a position to monitor the response to the incident in at least one of the company’s including phone calls to authorities.

A couple good incident handling ideas from all this.

  • Use out of band communication, cell’s.  Using a VOIP phone on an unknown network may be bad.
  • Auditing systems is a must, things like changes to a payroll DB are a good example.
  • Logging is great for coming out of an issue, you can use them to try and track them around the network.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: