The perfect crime – undone by our hero’s perfect backups • The Register | #emailsecurity | #phishing | #ransomware


On Call A tale of theft, fraud and understanding the meaning of “Delete” to end your working week. Welcome to a legally questionable episode of On Call.

Our story is another from a reader Regomized as “Ellen” and once again concerns Digital Equipment Corporation’s finest. In this case, DEC’s ALL-IN-1 office automation suite of the 1980s.

ALL-IN-1 was quite the thing back in the day. By modern standards it was pretty rudimentary, but with its email and word processing functionality it must have seemed like a whole new world. It was also highly customizable.

Ellen was employed at a financial institution that we will not name and tasked with administering a network of ALL-IN-1 computers, with accounts in every branch. “Normally,” she said, “it was pretty pain-free stuff allowing for long lunch breaks.”

Until, typically, the inevitable happened and Ellen’s pager went off. And of course it had to go off during the lengthy (for the UK) Easter holiday. On the LCD screen was a request to go into the office. She ignored it. The pager chirped again. And again. It appeared there was no avoiding a bank holiday visit to the workplace.

So in she trudged, only to find the office relatively quiet. The urgency of the message had made her suspect the Vax had dropped over but nope. While there were a few people milling around, a glance at her homegrown status page showed all services up and running.

“Before I could say ‘Why am I here?’, I was called to the top floor, which was an elevated place I very, very rarely had cause to bother. This time it was straight into a boardroom. Lots of very seriously worried people in there.”

And lots of very big cheeses.

Was it possible for her to look at some specific email accounts? For a specific branch of the bank?

Sure. But what for?

There was some shuffling of feet. “Anything strange.”

This was distinctly unhelpful, and Ellen pointed out that such a vague search would be akin to hunting for a needle in a haystack. When one doesn’t know what a needle looks like. Or even a haystack.

There was more huffing and puffing and a piece of paper was pushed across the desk. It was a Non-Disclosure Agreement, replete with some hefty penalties should the vow of Omertà be broken.

The reason for the call-out was then disclosed. It transpired that an employee had been overly helpful and run a job on the mainframe early – on Friday rather than the next working day, which would have been Tuesday (Easter – remember?)

This had thrown up a discrepancy…

“It seemed a rather large sum of money was missing,” Ellen told us, “but they didn’t know why.”

Attempts to contact the manager of the branch were unsuccessful. Officially he was on vacation. However, the security officer had managed to get in touch with the manager’s spouse, only to be told he was away on a course for work.

There was no such course.

“Alarm bells are now going off,” said Ellen. “Missing money, missing bank manager. We can all see where this is going.”

Now knowing what she was looking for, Ellen commenced the hunt. It didn’t take long: “There were a host of increasingly lurid emails between the bank manager and the head cashier,” she said. “They had planned this, knowing that the bank would not be audited for several days, and had removed a rather large sum from the branch’s float.

“The head cashier was also missing and uncontactable.”

Ellen dutifully handed over the evidence and the miscreants were apprehended while attempting to board a flight from the local airport.

Our story, however, does not quite end there.

The bosses were impressed with Ellen’s detective work, and surprised that the duo had left such an easy trail to follow.

“I had to explain,” said Ellen, “that they had tried very hard to cover their tracks, but we had this thing called a ‘backup’…”

The backup tapes hadn’t made it offsite yet, so she’d been able to get them loaded and pick through the data in search of an explanation. She was naturally very chuffed at her cleverness.

The board, however, was not.

“You mean,” came the horrified question, “when we press delete, the emails don’t actually delete, they get saved to backup tape?”

Yep – that was pretty much size of it.

Pandemonium now ensued.

“But when I say delete, I want them deleted!” shrieked a senior manager, “You have to delete them not just on the online system but also in all the offline backups!”

Ellen was about to point out both the technical and legal challenges involved when another boss stepped in and gently pointed out that the same senior manager had accidentally deleted a folder of vital emails just the other week, and they’d been quietly restored by IT before anyone had noticed. Backups were good.

“Someone at the meeting seriously suggested that we add an extra button to the keyboard. One would be ‘Delete, but I may want this back’ and another would be ‘Delete, now and forever’.”

The idea, while serious, was thankfully never implemented.

Ever turned your IT skills into weapons for crimefighting? Or had to gently explain to a red-faced executive that sometimes Delete doesn’t always mean Delete? Tell your tale with an email to On Call. ®



Original Source link

Leave a Reply

Your email address will not be published.

seven + one =