Slashdot Mirror


Cyber Insurance Between the Lines

Shackleford writes "Security Focus has an article that discusses insurance policies regarding 'computer attacks and cyber sabotage.' It discusses a case in which an administrator who set up back doors in the system with which he was trusted deleted files to which he could access after he was fired. His company had insurance against dishonest acts by employees, but not against 'acts of destruction.' Eventually, the company won, but the case went to litigation. So the lesson to be learned here is that your company may have 'cyber insurance' without knowing it, but you need to be sure about it."

21 of 89 comments

  1. "Acts of god" by Anonymous Coward · · Score: 5, Funny

    If you're the system god, would this violate the insurance policy?

  2. Good God Man by Sokie · · Score: 2, Funny

    It discusses a case in which an administrator who set up back doors in the system with which he was trusted deleted files to which he could access after he was fired.

    What is that sentence supposed to mean? Use a freaking comma!

    Yeesh.

    --
    ------
    Where are the slash-groupies? I distinctly remember being promised slash-groupies!
  3. Do Admins leave Backdoors a lot? by Puchku · · Score: 4, Interesting

    Always wanted to know this. I am a sysadmin for a College (I'm a student there), and I always leave a backdoor or two in case of emergencies, like someone else changing the root passwords etc. Does anyone else do this, or is it just me?

    1. Re:Do Admins leave Backdoors a lot? by Jetson · · Score: 4, Insightful

      If you have the ability to add a back-door you will also (in most cases) have the ability to recover from a lost password without *needing* a back door.

    2. Re:Do Admins leave Backdoors a lot? by James+Littiebrant · · Score: 4, Informative

      That would sound like a good idea, but it is not the best idea. I know how a hacker can get into computers (because I am one) and installing a backdoor on your server/computers is a deadly mistake. A simple scan from a hacker in theory could uncover that backdoor, then you are screwed. Instead I would recommend that you get a physical switch that resets the root password to a prespecified number or character. Where you can get these? I am sorry to say that I do not know where. I do know that they have been made because one of my friends has built one for his computer; with some programming and mod experience you could build one too. I for one will never install a backdoor on MY servers.

    3. Re:Do Admins leave Backdoors a lot? by PetWolverine · · Score: 5, Funny

      I know how a hacker can get into computers (because I am one)

      What advances A.I. researchers have made recently, that computers can post comments to /.!

      --
      I found the meaning of life the other day, but I had write-only access.
  4. No wonder insurance is so expensive. by Sheetrock · · Score: 3, Insightful
    I don't know how much hand-holding people need, but this kind of thing goes a bit far. If you've got a troublesome ex-employee, I'd think they should be able to handle something like this with a civil suit. Instead, it's pulled out of insurance, which drives up all our premiums.

    Fantastic. And with litigation costs to boot.

    --

    Try not. Do or do not, there is no try.
    -- Dr. Spock, stardate 2822-3.




    1. Re:No wonder insurance is so expensive. by mlyle · · Score: 3, Insightful

      Assuming the ex-employee has the resources to pay damages, and that you can collect them.

      Insurance companies in most contracts are allowed to subrogate; that is, when they pay damages to you, they inherit all of your rights regarding that claim-- and can choose to go and sue the employee themselves if they think it's worthwhile.

      This is what insurance is for, really.

  5. BOFH by RobertTaylor · · Score: 2, Interesting

    Obligatory link to The Bastard Operator from Hell page.

  6. Note to self.. by grub · · Score: 2, Funny


    Don't leave backdoors in the system, burn the place down. It's harder to trace back..

    --
    Trolling is a art,
    1. Re:Note to self.. by niko9 · · Score: 2, Funny

      "Hey Milton, whhhhhat's happenening......"

  7. dishonest acts by employees? by mr_zorg · · Score: 2, Insightful

    I'm sure this is an oversimplification, but if the insurance was for dishonest acts by employees, how could the company win? This act was committed by someone who was no longer an employee...

    1. Re:dishonest acts by employees? by The+Jonas · · Score: 3, Insightful

      IANAL, however I think the case may have been won by the fact that the "backdoors" were put in place while the offender was employed with the company. Therefore, they might have been able to prove malicious intent or something like that.

    2. Re:dishonest acts by employees? by Anti+Frozt · · Score: 2, Informative

      IANAL, but I would imagine their contract would have provisions that include former employees (up to a certain time after termination) and would possibly be bound by clauses set out in NDA and employment agreement.

      The fact that the insurance company nitpicked between dishonest and destructive acts doesn't surprise me in the least.

      --
      In C++, friends can touch each others private parts.
  8. Re:Playing Russian Roulette by Puchku · · Score: 2, Interesting

    True, true. But the question is, do sysadmins succumb to the temptation of leaving these backdoors? Hell, I know that if someone else stumbles upon the backdoor, I'm screwed, so I change the backdoors every two weeks. But I still leave them. They've saved the system's ass a few times too, when the other sysadmin, who's more of a NT/2k guy, screwed around. So does anyone else do this, then?

  9. Insurance... by NickisGod.com · · Score: 4, Insightful

    Insurance is one of the biggest vains the U.S. is facing today. You name it, car insurance, workman's comp, homeowners, cyber, etc.

    Besides it being legalized gambling, whenever something does happen, these companies try to get out of paying and point fingers at fraud.

    There has to be a better way.

    P.S. Is it this bad in other parts of the world, or are there "better systems" in place?

  10. If you are about to be fired... by hillct · · Score: 2, Informative
    There are many signs you are about to be fired, but most of them relate to steps your employer has taken to prevent you from doing damage to their systems in retaliation, like, say, changing the root password, deleting your personal userid, removing you from the company directory, and then there are these:
    Top 41 Signs You Are About To Be Fired
    The point is, do what you need to do long before you are fired so as to make your exit as painless as possible. If your employer is not competent enough to take the necessary steps, and so requires anti-employee insurance, then that's their problem, and it probably indicates they're too stupid to deserve to have you working for them anyway. If they haven't earned the respect of their employees, again, this is the mark of a bad employer and it's time to move on anyway.

    It's simple, if any of the above events have occurred, plan to move on and if your company has purchased anti-employee insurance, it's time to get the hell out anyway.

    --CTH
    --

    --Got Lists? | Top 95 Star Wars Line
    1. Re:If you are about to be fired... by Verteiron · · Score: 2, Funny

      Yeah. The first sign that I had been laid off from Deere & Co. was that my ID badge would no longer open the door to let me out of the building. Some nice guy used his badge to let me out, and then used it again to let himself out. I heard later he'd gotten in trouble for doing that, too, since the security system flagged him as having left twice. I guess the Proper Action would have been to leave me cooped up in the building overnight until someone got around to telling me I didn't work there anymore.

      --
      End of lesson. You may press the button.
  11. Guido's Insurance Co. by grub · · Score: 2, Funny


    Hey.. you behind da keyboard. You need protection.. Things happen. Hard disks crash, software breaks, monitors get shot.. err.. dey break too.

    --
    Trolling is a art,
  12. Read the fine print by batobin · · Score: 2, Interesting

    I guess the lesson here is to read the fine print. The important thing to look for here is when the "dishonest employee" commits their dishonesty. From a logical standpoint, any malicious acts committed through the back-door should be covered by the insurance, merely because the back-door only existed because of dishonesty. But I'm sure the insurance company tried to argue, and support with the fine print, that the actual exploitation was the dishonest act, and occurred only after the employee was fired.

    Here's something to make you think: what would happen if the dishonest employee created the backdoor, quit, and someone else from outside the company exploited the back door? Then who would have won? I'd love to examine the actual insurance policy to find out.

  13. It's the insurance company's fault by Proaxiom · · Score: 2, Insightful
    They should have better worded the policy.

    I wouldn't be surprised if this kind of thing happens a lot over the next little while, until insurance companies (and in particular, the actuaries) can get their heads around the liability associated with network security.

    As a developer in the security industry, I look on this as great news. I've been saying for a long time that what data security companies really need is for the insurance companies to start tying premiums to security infrastructure. When that happens there will be a clear ROI on security investment, and companies will learn quickly how to cover their asses better from these kinds of vulnerabilities.

    Situations like this motivate the insurance companies to start assessing risk, and when they start assessing risk they start charging their customers for it, and when the customers are getting charged for it they start mitigating that risk. Right now, that just isn't happening.