ad info  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  




Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent



More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections


4:30pm ET, 4/16










CNN Websites
Networks image

Analysis: Home workers can imperil systems


(IDG) -- The theory that hackers reached Microsoft Corp.'s product development servers via a home-based employee's computer demonstrates why it's critical for companies to ensure that their remote employees aren't stepping-stones into the corporate network, say security experts.

Attackers using a server in Russia penetrated Microsoft's corporate network in a high-profile security breach that was made public 10 days ago (see "Microsoft stung by hack attack," link below).

Meanwhile, on Friday, another hacker claimed to have penetrated the company's Web servers, and Microsoft confirmed that at least one server had been breached (see "Microsoft hit by another hacker," link below).

  Computerworld's home page
  Microsoft stung by hack attack
  Feel secure? Don't be sure -- even Microsoft got hacked
  What does it take to secure your systems?
  Reviews & in-depth info at
  Questions about computers? Let's editors help you
  Subscribe to's free daily newsletter for IT leaders
  Search in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

Microsoft initially said some of its source code may have been stolen during the incident. Officials later said it appeared that the hackers may have only viewed portions of the code for products that are still under development.

Microsoft claimed that it knew about the hacker for at least 12 days - during which the company apparently tracked the person's every move within the network.

So far, Microsoft hasn't yet offered any public explanation as to how the hackers may have gained entry into what should have been a bullet-proof network.

Several analysts said they believe the attackers used a Trojan horse program known as QAZ to break in.

Trojan horses like QAZ usually enter a victim's system as e-mail attachments or are hidden in pornographic files and downloadable games.

Once inside a system, the programs broadcast their location to the hacker, who then takes administrative control of the system without the user's knowledge. He is then able to do the same things the authorized user of the computer would be permitted to do.

The odds of such programs being downloaded on a home computer are much greater than for an office-based one because home security is frequently less stringent and harder to monitor, said Russ Cooper, an analyst at Reston, Va.-based security firm TruSecure Corp.

An employee opening e-mail from an insecure service or using a work computer to log in to a personal Internet account could, for instance, unwittingly download a malicious program that could then infiltrate a corporate network. Similarly, unauthorized users - such as an employee's child - could use an office system to download games that contain viruses, Cooper said.

"It's been a problem for quite some time, and with more people working from home, the threat is increasing," Cooper said.

In Microsoft's case, the hack could have also originated with an office-based employee downloading and opening a file containing malicious code, said Jeffery V. Johnson, CEO of Metases, an Internet security consulting firm in Atlanta and an affiliate of Meta Group Inc. in Stamford, Conn.

But increasingly, "people are breaking into home-based systems and using them as pivot points" into corporate networks, according to Johnson.

It's precisely this concern that prompted insurance and finance company Lutheran Brotherhood in Minneapolis to install firewalls on notebooks belonging to its 1,800-strong field force earlier this year, said information security manager Jay Dybdahl.

Such firewalls "become very critical when a home user is always connected to the Internet via [Digital Subscriber Line] or some other [persistent] connection," Dybdahl said.

"The fact is, if we're going to allow access to corporate networks from staff at home, there are going to have to be new procedures followed that protect those processors," said Cathy Hotka, vice president of information technology at the National Retail Federation, a retail trade association in Washington.

Controlling home users is a matter of faith, said Rick Waugh, a product manager at Telus Corp., a telecommunications company in Burnaby, British Columbia. "You put rules in place and hope they follow them," he said.

How to manage telecommuters
June 19, 2000
Hackers attack Microsoft network
October 27, 2000
States take measures to promote telecommuting
April 13, 2000
Telecommuting causes, solves problems
June 2, 1999
How to work from home and get more done
October 12, 1998

Microsoft stung by hack attack
Microsoft hit by another hacker
Feel secure? Don't be sure -- even Microsoft got hacked
(PC World)
What do your employees know about security?
Closing the gap in end-user security
What does it take to secure your systems?
Meet remote-office security needs with VPN and firewalls
Remote workers armed with CyberArmor

Microsoft Corp.
TruSecure Corp.
Lutheran Brotherhood
National Retail Federation

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.