Comments on: Low tech Romney tax return hack could be lesson in physical security http://www.welivesecurity.com/2012/09/06/low-tech-romney-tax-return-hack-could-be-lesson-in-physical-security/ News, Views, and Insight from the ESET Security Community Mon, 03 Feb 2014 08:49:00 +0000 hourly 1 http://wordpress.org/?v=3.7 By: Andrea Ebbing http://www.welivesecurity.com/2012/09/06/low-tech-romney-tax-return-hack-could-be-lesson-in-physical-security/#comment-1123 Wed, 12 Sep 2012 22:29:24 +0000 http://blog.eset.com/?p=15030#comment-1123 Additionally, no matter what level of education or ubringing, I would be willing to bet that a majority of the more recent Mellennials do not fully understand the idea of a "Paper Trail" and therefor high level graduate "interns" and/or assistants etc. do not fully realize the consequences for such human error as leaving very privelaged information (either their own, their boss, parents, etc.) in a less than secure area. This could be due to the fact that their entire life consists of real time information, new apps, and the latest technology. Socially and environmentally, they are living in a "Be Green / Paper Free" world which may lead some to believe that "written" information is irrelevant, which unfrotunatley (as we can see in this particular Romney example) as we know, the polar opposite. In fact, having that kind of information readily available (even if by igonrance or mistake) only increases the efficiancy and productivity of the perpetrator. 

]]>
By: Andrea Ebbing http://www.welivesecurity.com/2012/09/06/low-tech-romney-tax-return-hack-could-be-lesson-in-physical-security/#comment-1122 Wed, 12 Sep 2012 22:18:30 +0000 http://blog.eset.com/?p=15030#comment-1122 I think this is one of the most important and overlooked aspects of security in these increasingly (overly) comfortable "in the cloud" times. This blog speaks directly to a recent visit to a large scale medical facility (we do not speak it's name!) just 10 minutes prior to their closing. As the front office was under renovation, a make-shift front office was comprised of 4 6' tables with 5 PC's, open file folders, and office supplies galore. There was not a soul in site, however, there were 3 PC's fully logged on and waiting. After roaming the halls and calling out for someone, I decided to leave in high hopes that a hacker would not decide to walk in directly after me and access any information they so chose. When I finally discussed this with the staff, they told me that they are "not allowed to lock the doors" and it remains open. On the opposite side of the issue, look at Alan Turing's work with the German Enigma machine and the Bombe. Low tech access, high volume results, but for the better. Seems as though the Dark Night Film has a loose connection to that story-line, but with reverse intentions. We can never be too safe, and it's always worth the extra moment it takes to assess risk. I'm an optimist at heart and by nature, but It only benefits all to prepare for the worst even when you expect the best. Thanks for sharing this thought – I hope people take note.

]]>