Feeds

Fired Gucci IT worker accused of tearing up network

Suits you, Sir

Secure remote control for conventional and virtual desktops

A fired network engineer has been charged with mounting a revenge hack attack against the American branch of Gucci.

Sam Chihlung Yin, 34, of Jersey City, New Jersey, allegedly wreaked havoc on the network of the US branch of the Italian luxury good retailer around six months after he was dismissed by Gucci in May 2010. The November 2010 assault shut down servers and deleted data, causing damage and lost productivity costs estimated at $200,000 in the process.

Gucci lost access to documents and email for nearly 24 hours, while other documents and emails were permanently lost. The attack relied on the use of a fictitious VPN access account allegedly established by Yin while still on Gucci's payroll.

The rogue employee tricked his former colleagues into activating a token associated with this account in June 2010, a month after his contract of employment was terminated by Gucci for unrelated reasons in May 2010.

The fashion house called in investigators after the November assault, who tracked the attack back to Yin. In Monday, the alleged hacker was indicted on a 50-count rap that includes computer hacking, identity theft and falsifying business records charges. The most serious charge – computer tampering in the first degree – is punishable on conviction by up to 15 years behind bars.

The case is being prosecuted by the New York County District Attorney's office, which put out a statement on the case here.

Regardless of the outcome of the case, the incident serves to illustrate the importance of managing user accounts, particularly in cases where a worker leaves the employment of a firm.

More commentary on this aspect of the case can be found in a blog post by Sophos here. ®

Remote control for virtualized desktops

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.