We purchased a wireless sniffer to better track the hacker, and when she began transmitting information, we roamed the hallways looking for the illicit partner. We ended up in a nearby conference room that was open to the public. We opened the doors and saw about 200 people, half of them carrying laptops. Try as we might, we could not track the illegal data stream to a particular person. We had a room and a MAC address. Senior leadership would not allow us to stop everyone in the room to locate the specific person. Although I didn't like the decision, it probably was the best legal answer.
It was decided that we would detain the known perpetrator to stop the data loss. I hung out in the background as IT and physical security confronted the employee. The moment the security guards entered the accounting department, the temp pushed away from her PC and claimed that someone was hacking it. She was so adamant and tearful that if I had not watched her expert hacking over the past few days using the Web camera, I would have believed her. She was a wonderful actress.
I never heard whether she was arrested or deported or what happened to her. I was not privy to those details. But I did hear that she was just one employee from a newly engaged temporary placement agency, and all the other employees from the agency were also caught hacking at this same client. The young woman I had helped detain had claimed that she had so few computer skills that the company had sent her to basic keyboarding classes.
It remains the one time in my life where I helped catch a Russian spy.
- 14 dirty IT tricks, security pros edition
- IT's 9 biggest security threats
- 9 popular IT security practices that just don't work
- 10 crazy IT security tricks that actually work
- Malware Deep Dive Report
- Data Loss Prevention Deep Dive Report
- Insider Threat Deep Dive Report
- Malware IQ test: Round 2
- Malware IQ test: Round 1
This story, "True tales of (mostly) white-hat hacking," was originally published at InfoWorld.com. Follow the latest developments in security at InfoWorld.com. For the latest developments in business technology news, follow InfoWorld.com on Twitter.