Kim Valois is no stranger to the seedy side of technology. After half a decade as director of CSC Australia’s security services group — not to mention several years spent doing classified intelligence work for the likes of the US Department of Defence and the National Security Agency before that — Valois thought she’d seen it all. Or at least she did until recently, when a client asked her to examine a Web server that had fallen over. Not surprisingly, the investigation showed that the server fell over because an intruder had removed critical system files. What was surprising, however, was that the intruder also parked thousands of megabytes of pornography on the system and had been making the illicit material available online at the expense of her client for some time.
“It surprised even me,” says Valois, who over the years has done everything from investigate corporate espionage and hunt down cyber intruders to gather evidence for lawsuits involving employee misuse of company systems. “This time, it was somebody in Europe who put the material on a server out here. But that makes sense for small-time operators: why keep this material on your own system when you can just piggyback on someone else’s bandwidth for free?”
Welcome to the latest in a long line of security threats facing modern enterprises: a new breed of cyber interloper who gains control of vulnerable corporate systems and uses them to host porn and other illicit material. Valois says that because the average capacity for a personal user is between 5 to 10MB, it is easy for intruders to take advantage of spare capacity by discreetly parking large chunks of information on a company’s system. Often, such material is illegal in nature, prompting its owners to “cyber squat” in an attempt to cover the trail leading back to the source.
Valois says the new trend leaves companies exposed in troubling ways — not the least of which is that your systems could be quarantined as part of a law enforcement activity. “It happens to ISPs all the time,” she says, “law enforcement serve a subpoena for information and go in and take servers or seize systems.
“With the increasing powers that law enforcement may get with anti-terrorism legislation, does that mean that information and corporate assets can be more easily seized? I think so.”