From: InfoSec News (alertsinfosecnews.org)
Date: Mon Jul 17 2006 - 01:17:08 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.informationweek.com/security/showArticle.jhtml?articleID=190400233
 
By Paul McDougall
InformationWeek
July 14, 2006

A Washington, D.C., law firm says it's the victim of a computer hacker,
but it claims the perpetrator isn't some nerdy cyberpunk or offshore
criminal gang. Rather, the firm says its computers are under attack by
tech giant IBM.

Attorneys at Butera & Andrews claim an unidentified hacker working within
IBM's WebSphere services facility in Durham, N.C., secretly dropped
malicious code into the firm's e-mail server, giving him or her
unauthorized access to the system. The IBM worker "initiated, directed and
managed this attack from the Durham, North Carolina facility," Butera &
Andrews claims in a lawsuit. The firm says its servers were hit by the
assailant's code more than 40,000 times throughout 2005.

In its complaint, filed in April in the U.S. District Court for
Washington, D.C., Butera & Andrews gives no motive for the attack.
However, it says it fingered IBM because an IP address traced to the
computer initiating the attacks is registered to a system inside the IBM
facility.

Butera & Andrews also charges IBM with maintaining lax security procedures
at the Durham facility, thus making it easier for would-be hackers to
carry out their work undetected. The lawsuit states that IBM last year
implemented a policy under which all computer user logs at the facility
are wiped clean after 24 hours. The policy "assures anonymity for any
wrongdoer," the firm charges.

IBM has filed a motion to dismiss the suit. Among other things, the
computer vendor claims that the IP address identified in the suit belongs
to Workforce.com, an unrelated Web publication that operates from
Michigan. A trace of the IP address conducted by InformationWeek confirms
that the address is registered to Workforce, which is owned by Crain
Communications. Butera & Andrews maintains that the address belongs to
IBM, even if Workforce is currently "residing" at the addresss. It says it
has documents that prove the link.

In its suit, Butera & Andrews is seeking "the return of all information
illicitly obtained" by IBM as a result of the alleged hack, as well as
unspecified damages and costs. Officials from IBM and Butera & Andrews
weren't available for comment.

_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]