Industrial espionage or sloppy housekeeping?

Writehand

I would be seriously grateful if someone could take a look at this
problem..

A close friend of mine has just taken a job with an IT security
company. A condition of employment is that, unless agreed beforehand,
all work (in or out of hours) becomes the intellectual property of his
new employer. My friend has been working on some potentially valuable
software with me and has no intention of handing it over to his new
boss. He therefore made the required declaration and explained that
this single project, nearly finished, must be agreed as separate from
his new contract with them. Fine, they say. No problem.

Then, on the very first weekend after he started work, his home PC was
hacked. He discovered his scheduler had been altered to run Windows
update every five minutes - and this on his old home PC which runs
Windows 98 and doesn't need an update. Weird stuff was happening.

He got off-line fast. A subsequent check found *34* different spyware
programs on his PC. When he realised he was under attack he tried to
delete the key files but could not do so online. He could only delete
them after he'd pulled the plug on his broadband - i.e. someone else
was already accessing them online.

I pointed out that coincidentally it is also only a week since he got
broadband. I wonder whether his old virus settings/firewall were
simply not good enough for a constant broadband connection with the
extra risks it entails. So maybe that's the deal. After all, people
who work in IT are often the worst at remembering to take precautions.

But he's very, very uncomfortable. Someone at work on Friday told him
"You aren't nearly paranoid enough." Spooky, huh?

What does anyone out there think? Please answer soon, as he is
extremely stressed about the situation and feels he may have to resign
in the next 24 hours if he still feels so paranoid. Who wants to work
with people who basically break into your house? An innocent "Duh"
explanation is what I hope for - but any ideas would be very welcome.

Thank you,

Writehand
 
Doesn't sound that much like an attack from anyone at his job, sounds more
like a poorly secured broadband connection with bad habits about
installing software from questionable sources.

The comment from the co-worker is not necessarily spooky. It may be that
person was trying to tell him the same thing.
 
Ordinarily I would say contact the F.B.I cybercrime division, however
read the fine print of ANY contracts before you do as it is just as
likely that IF your friend has signed something even in ignorance or
through a deception that gives that employer some "LEGAL HOLD" on YOUR
private and Independent intellectual property the F.B.I is just as
likely to assist your friend's new employer in obtaining that
information through subterfuge, especially if that employer is a "Big
Contributor" to one party or the other or can and will perform a
"SERVICE" somewhere down line for them in the future ...

after all "JUSTICE" is something you pay for and IF you can't pay for
it then someone else will get instead ...

and I would be real worried about assassination where such is
concerned after all even IF you create something that does mean you
have the rights to it as I learned the hard way many years ago, phone
taps, hidden microphones, 24 hour tails, Mickey Finns in the coffee even
certain types of psychological torture and 3 assassination attempts
that were supposed to look like "ACCIDENTS" ...

and yes HI-TECH organized crime, espionage and assassinations do take
place on a daily basis and sometimes with the help of those entrusted
to protect you and what I learned was trust no one not even family nor
friends ...

good luck and watch your back as it was pointed out to me. no evidence
no crime sort of like rape he said / she said ...

a safety deposit box out of the country works just a little hard to get
to ...


~Nemo~
 
Thanks for the advice. Though as we're British the FBI bit needs
translation, so to speak.

An update:

Having isolated the machine, my friend's had time to examine the hard
drive carefully.

Quite apart from the multiple bits of adware/spyware, he found the key
files containing his software work infected with a virus that would
have destroyed all his data as soon as he opened the files.

Far more worrying, he found a lot of what looks like security services
encryption files he has never seen before in an archive folder. Had he
not been going through his system with such care he might not have
noticed them - the folder hadn't been used for a couple of years. The
files look as though they could be dynamite.

When I say "looks like" - as soon as he found them he consulted his
lawyer, who passed him on to a criminal lawyer. He then took the whole
thing to his offices.

A copy of the hard drive is now with my friend's lawyer and my friend
has involved the police.

Someone appears to have hacked him either to store sensitive files or
to place incriminating material on his drive.

I am pretty certain no legitimate commercial organisation would do
this. My guess is that it's some weirdo who, for whatever reason, is
trying to damage the guy.

BTW, it's interesting to read different posts - different viewpoints
about my dopey friend's security. His vagueness doesn't surprise me at
all - after all, doctors (a professional group I've worked with
extensively) are famous for missing diseases in their immediate family
- and my friend only ever used that machine for gaming and coursework.

Guess it depends on your perspective. If you're selling security
software/hardware or providing support you're going to be all too
aware of the vital importance of online security in your daily life.
My friend works on obscure corners of anti-virus programming and, I
guess, he just didn't focus on its relevance to his home PC. He will
now. <g>

As for Windows 98 - with a wife and kids at home and a state of the
art set up at work, upgrading my home kit wouldn't necessarily be my
priority.

Anyway - that's where we stand. I don't expect the police will be that
interested - they're not interested in domestic burglaries, after all.
At least he's passed the problem to the authorities, and set up an
entirely new, more secure system. Of course, the poor guy is driving
himself crazy trying to work out who might have done it, but I guess
he may never know.

Thanks, everyone, for your help.

Writehand
 