AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

GS Caltex Information Security Breach Leaked By The Criminals. No Wonder There Was No File Encryption

Four people were arrested over the weekend in relation to the massive data breach GS Caltex—the second biggest oil refiner in South Korea—suffered late last week. There were signs that this may have been an inside job, based on the fact that no hacking of the company’s databases was involved (although that can’t always be ascertained with complete certainty), and that only twelve people had access to the entire database. I had noted in a previous post that file encryption like AlertBoot encryption solutions was not used because criminals are not interested in ensuring data security—as long as their own is safe.

 

Data Encryption?  We’re Trying To Leak Data

 

Well, turns out that I wasn’t so far off the mark, even if I meant it tongue-in-cheek.  The two media disks—one a DVD with over 11 million records and the other a CD with a small sample of what was on the DVD—were left where someone would find them.  That someone being an accomplice in the entire ordeal.

 

Basically, a couple of employees at a GS Caltex affiliate planned the entire thing (so much for only 12 people having access to the database…), and brought their high school classmates in on their information highway hijinks. The two were to download the information and burn it to the disks. One friend was to “find” the disks and alert the media. Another was recruited to organize the information and save it as Excel files.

 

The motive was, of course, money.  Lots of it.  In fact, they were under the impression that having the media report a data breach would increase the value of the information they held, since they were going to use it to blackmail their employer.  I guess the idea is one leak would be terrible for GS Caltex; two leaks would be really terrible.

 

Hacking? Nah, He’s Just Messing Around With His Computer.  No Data Security Needed Here

 

As the police started cluing in to the fact that this must have been an inside job, the GS Caltex employee’s natural reaction was to ensure he didn’t get caught. He supposedly replaced the hard disk in his computer, and I think it’s implied he did it while everyone was watching.

 

It’s like, what?

 

I don’t know of any companies where replacing the hard drive on a computer is deemed “business as usual” unless one’s working for the IT department or owns a computer repair shop.

 Security Means More Than Installing Encryption Programs.  Where’s The Audit? 

Based on what’s been revealed so far, it’s quite obvious that GS Caltex didn’t have the correct programs in place to ensure data security.  Granted, the company claims that only twelve people had access to the database that was storing all this sensitive information.  If that’s so, it means that at least one of the employees arrested would be part of this select twelve.  And, you’d imagine that due to the “selective” status, these people would be high up in the corporate hierarchy.

 

Yet, the media makes it sound as if these guys were some temp workers at a call center.  Who knows?  Maybe it’s because they were. The thing about Korea is that they tend to be extremely protective about criminals’ identities, especially if they’re not well off (you know, like the CEO of Samsung, who was implicated earlier this year on tax evasion)—further incentive to believe that these two were not part of the twelve, I’d say.   In other words, whoever said that only twelve people had access to such information was lying, at worst; greatly misinformed, at best.

 

One thing I’d like to point out is that downloading 11 million records must have raised some flags. Sure, it was done over a period of several months. At the same time, wouldn’t it be weird that someone was downloading the 11 million records? Even if it’s in smaller data sets, each set would have been a different one from the last. Of course, it’s not easy to notice these things unless one is actively looking for them, which is why regular audits are necessary. Even if you’ve implemented the best data security system in the world, it won’t do an iota of good unless someone is minding the store.
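What such an audit could look for, as an added example that is not part of the original post: a user whose individual daily reads stay small but who never reads the same records twice, so that cumulative distinct coverage of the table keeps growing. The log layout, user names, table size and thresholds are all assumptions, and the sample rows are constructed.

```python
from collections import defaultdict

TABLE_SIZE = 1_000_000   # rows in the hypothetical customer table
DAILY_LIMIT = 20_000     # naive per-day alert threshold (assumed)
COVERAGE_LIMIT = 0.25    # alert once a user has read 25% of the table (assumed)

def sample_log():
    """Constructed audit rows: (day, user, first_id, last_id), ids inclusive."""
    rows = []
    for day in range(90):
        # Support clerk: re-reads the same few hundred accounts every day.
        rows.append((day, "clerk_a", 5_000, 5_399))
        # Slow exporter: a fresh, never-repeated 10,000-row slice each day.
        rows.append((day, "user_b", day * 10_000, day * 10_000 + 9_999))
    # Reporting job: one large read on a single day, nothing else.
    rows.append((30, "report_job", 0, 24_999))
    return rows

def distinct_ids(ranges):
    """Count distinct ids covered by inclusive ranges, merging overlaps."""
    total, cur_lo, cur_hi = 0, None, None
    for lo, hi in sorted(ranges):
        if cur_hi is not None and lo <= cur_hi + 1:
            cur_hi = max(cur_hi, hi)          # overlaps or touches: extend
            continue
        if cur_hi is not None:
            total += cur_hi - cur_lo + 1      # close the previous run
        cur_lo, cur_hi = lo, hi
    return total + (cur_hi - cur_lo + 1 if cur_hi is not None else 0)

def audit(rows):
    per_day = defaultdict(list)    # (user, day) -> ranges read that day
    per_user = defaultdict(list)   # user -> every range read in the window
    for day, user, lo, hi in rows:
        per_day[(user, day)].append((lo, hi))
        per_user[user].append((lo, hi))
    daily = {u for (u, _), r in per_day.items() if distinct_ids(r) > DAILY_LIMIT}
    coverage = {u: distinct_ids(r) / TABLE_SIZE for u, r in per_user.items()}
    cumulative = {u for u, c in coverage.items() if c > COVERAGE_LIMIT}
    return daily, cumulative, coverage

if __name__ == "__main__":
    daily, cumulative, coverage = audit(sample_log())
    print("per-day alerts:   ", sorted(daily))
    print("cumulative alerts:", sorted(cumulative))
    for user, frac in sorted(coverage.items()):
        print(f"{user:12s} distinct coverage {frac:.1%}")
```

On this constructed data the per-day threshold fires only for the one-off reporting job, while the cumulative check is the one that surfaces the slow, never-repeating reader.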

 Murphy’s Law or Terrible PR Department? 

One thing I noticed over the weekend was that GS Caltex was running new ads for their loyalty program cards, the same cards that were behind the data breach.  I’m not sure if the ads were meant as a PR attempt to ease the blow of the data breach, but it certainly wouldn’t have allayed the fears of any affected customers.

 

The big thing they were pushing was that now family members could share their bonus points with each other.  You know, combine points together to…I don’t know, get a free, crappy toaster oven much faster.

 

Made me think, really?  After the biggest data breach to date in Korea, a company is suggesting that family members now share and identify who’s who within their database.  As if they haven’t shown that they can’t be trusted with the information they already have in there.

 

Related Articles:

http://english.donga.com/srv/service.php3?bicode=040000&biid=2008090844298

http://www.theinquirer.net/gb/inquirer/news/2008/09/08/south-korean-coppers-plug-leak

http://english.hani.co.kr/arti/english_edition/e_national/308826.html

 
About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.