A former National Security Agency analyst who is now an expert on corporate espionage offered chilling accounts yesterday of his easy penetration into a variety of U.S. companies. In one case, in just a few hours he was able to make off with product plans and specifications worth billions of dollars.
Ira Winkler, global security strategist at CSC Consulting, spoke at Computerworld's Premier 100 IT Leaders Conference here and punctured several popular misconceptions about information security...
At one large company, for example, he persuaded a guard to admit him by saying he had lost his badge and presenting a business card as a substitute. He'd stolen the card -- which belonged to an employee who worked at the plant -- from a local restaurant that collected business cards in a jar for prize awards. Winkler went on to exploit a number of security weaknesses, from doors he found unlocked to using forged signatures to using simple computer hacks. The result: Designs for nuclear reactors and other
technologies were compromised, possibly with national security implications."Never measure security budgets by IT," said Winkler, author of Spies Among Us: How to Stop the Spies, Terrorists, Hackers and Criminals You Don't Even Know You Encounter Every Day. (more)
