Slashdot Mirror

← Back to Stories (view on slashdot.org)

When Wrongfully Accused of Hacking, What Can You Do?

Posted by Cliff on from the legal-troubles-in-today's-corporate-environment dept.

justin asks: "Earlier this week, I went into work I was met at my desk by upper management; they wanted to meet with me. I was not sure as to why but when we got into the office, they set a pile of paperwork in front of me, opened it up to a certain page and asked me what it was. The paperwork was a series of (gimpy) logs showing an internal IP address doing a combination of scanning, and then what looked like hacking, of various boxes on the internet (of these there was the US Treasury among other US Government Organizations). The internal IP address was that of the one I am normally (read: not always) assigned by DHCP. I told them I had no idea what this was, that I didn't do it and that I think I would remember hacking into the US Treasury. I was a contracted employee, so I don't think I have any recourse, I was just left high and dry accused of something that I did not do, and their basic sentiment was 'we will investigate this, do you want us to call you and give you your job back if you are innocent?', This seems rather silly to me since you'd think such things would be investigated, before they would decide to fire me. I'm looking to find out who else has been in this situation and how they dealt with it."

"The logs were in a simple format: 'Aug1 11:27 10.1.0.56.port -> treas.gov.port'. Now there had been some problems at work with the recent MS DCOM/RPC bug, and my machine was compromised either the same day, or the day previous to the day of the events I am being accused of. Additionally, because it was an internal IP address, it could have been anyone with access to ifconfig on their machines (They don't have a link layer dump).

I now have the following questions:

  1. What experiences have other people had that relate to this, what course of action if any did they take in response.
  2. I know the laws aren't very sympathetic when it comes people saying 'yea that was my computer, but it wasn't me', but it can be proved that my computer was compromised in the same time frame, and also the evidence they have is rather flimsy, what experiences have people had in a similar situation?
  3. If someone should try to press charges, where can I find a decent attorney that would actually understand the technology and what I was saying. (As I am now unemployed I'd very much so on a budget)
  4. What should I tell my next prospective employer? Even If they believe me that I had nothing to do with it, that puts one serious doubt in a person's mind.
I'm primarily self taught and with a little less than 3 years experience as a Unix Admin and doing system programming, it is hard enough for me to get a job as it is, never mind with accusations that I was out trying to hack the government on my last job.

Thank you, in advance, for any wisdom, anecdotes or suggestions you can pass along."

0 of 105 comments (clear)

No comments match the current filter.