The Cuckoo's Egg Revisited
By Clayton on Apr 20, 2008
Ah. The Cuckoo's Egg. The first non-fiction computer security book I ever read. Even saw the author (Cliff Stoll) give a talk at a local college 10+ years ago.
I was reminded of this book by a great conversation at our Customer Advisory Board last week.
For those of you who haven't read it, the basic idea is that the author, a part time IT administrator, finds a 75 cent billing discrepancy between two audit systems. Rather than write this off as computer error and move on, he discovers that a user that is on sabbatical used the system and one of the system accounting records for that access was intentionally deleted. From there, the book reads like a spy novel as the author tracks the hackers "in the early days" before most people thought of this sort of thing.
Certainly while systems were compromised in the same way that systems are still compromised nearly 20 years later, basic security processes and practices have changed significantly. Identity Management certainly gives much more control over the management of inactive accounts, as well as better enforcement of good password policies that make it more difficult for password cracking tools to be so effective.
I would love to get email with your IT security war stories that illustrate security then-and-now. I have a few of my own that I'll be sharing as well.