Logging in from a Smyrna, Georgia, McDonald's restaurant, a former employee of a U.S. pharmaceutical company was able to wipe out most of the company's computer infrastructure earlier this year.I sure hope Shionogi had an effective backup policy in place. Aside from that, I wonder how long it will take for IT to understand the importance of de-provisioning an employee and better access control around privileged account management?
Jason Cornish, 37, formerly an IT staffer at the U.S. subsidiary of Japanese drug-maker Shionogi, pleaded guilty Tuesday to computer intrusion charges in connection with the attack on Feb. 3, 2011. He wiped out 15 VMware host systems that were running email, order tracking, financial, and other services for the Florham Park, New Jersey, company.
…
Using vSphere, he deleted 88 company servers from the VMware host systems, one by one.
A few weeks ago I overhead someone saying that identity management was passé. I don’t think so! This is a great example of how far we still have to go…
Technorati Tags: identity management,privileged account management
3 comments:
Interesting AND disturbing. There is NO REASON for this, as we have "passe" software available to counteract this type of activity. Think they will get fined by the Japanese government?
Wonder if he nailed the backup first, then deleted the servers. Problem in small IT departments. In order to operate everyone can do everything, segregation is important as well, but many people forget this.
What a classic. How many times have we been warned about this? Once again, it's incredible to me that a pharmaceutical company isn't subject to more rigorous controls and audit. Where was the FDA with their attestation requirements? Simple IAI could have prevented this. The IDM journey is just beginning!
Post a Comment