A Romanian bank teller was arrested for illegally transferring $3.2M into two bank accounts by using his director’s password.\u00a0 There is no detail in the article to describe how the teller acquired the director’s password but this could have been done in a myriad of different ways including shoulder surfing, brute force guessing, or social engineering.\u00a0 In this case, the adversary was a trusted employee and may not have been considered a threat.<\/p>\n
http:\/\/www.msnbc.msn.com\/id\/23027131\/<\/a><\/p>\n This is a great example of how adversaries can be anywhere and even the most secure systems are only as secure as the people who administer them.\u00a0 All the technology we use to secure communications, systems, and data is virtually worthless when someone can acquire the necessary credentials to bypass all that.<\/p>\n It is important to remember that there is more to security than just\u00a0encryption and\u00a0buffer overflows.\u00a0 Policy and user education is an equally important aspect.<\/p>\n","protected":false},"excerpt":{"rendered":" A Romanian bank teller was arrested for illegally transferring $3.2M into two bank accounts by using his director’s password.\u00a0 There is no detail in the article to describe how the teller acquired the director’s password but this could have been … Continue reading