Quantcast

need recommendations for mathematical modeling to prove corporate sabotage

$tinkle

Expert on blowing
Feb 12, 2003
14,591
6
no biggie.

just happened to notice in source control a behavior profile that leads me to believe someone rolled their own 0-day malware in the form of "when they get here, sh|t will blow up hard"

essentially, it's like this: remove generated code, code generator, references to generated code.

how to prove?
 

syadasti

i heart mac
Apr 15, 2002
12,690
290
VT
Can't help on that, but I helped create a big brother systems on what was then largest private MS Exchange system in the world on an internship in college. Was intended to monitor and prevent corporate espionage.

After I graduated I also setup a SOX compliance system, but that was a lot easier since there were off the shelf solutions that just came to market.
 
Last edited:

$tinkle

Expert on blowing
Feb 12, 2003
14,591
6
unfortunately, this happened during a handoff from the previous contractor, so there's no audit trail. and without the perp fessing up, this will be difficult - if not impossibru - to prove
 

wiscodh

Monkey
Jun 21, 2007
833
121
303
i dunno if you want the FBI all up in your grill, but they came in and talked to my group about corp espionage and how they were always there to help thwart attacks. Maybe give your local branch a ring?
 

syadasti

i heart mac
Apr 15, 2002
12,690
290
VT
unfortunately, this happened during a handoff from the previous contractor, so there's no audit trail. and without the perp fessing up, this will be difficult - if not impossibru - to prove
On a related note, a SOX compliant system doesn't just get the corporate email system though SOX is a failure (at least back then) since it doesn't require monitoring all traffic on corporate networks to catch people using their private email accounts on corporate networks (or requiring blocking of email and social networking). Of course these days now someone could just bring their own cellular device which the corporation would have no legal right to monitor but they could block cellular signals passively or actively (active is not legal - but how many people will complain to the FCC?).

For the most part the monitoring is effective as most aren't savvy enough to think about keeping their dirt off corporate channels...
 
Last edited: