Imagine you’re the finance director of a quoted financial services company. You receive an anonymous invitation to a ‘Party of a Lifetime’ in the form of a USB memory stick. Hopeful of some welcome distraction, you plug it into your office computer. But unbeknown to you, the stick has been sent by a criminal gang seeking a way into your company’s IT system. The stick searches your directories, sends private files to the gang, inserts a ‘keylogger program’ which records your keystrokes and passwords, and sets up a way for the gang to attack your network. Farfetched? No, it isn’t.
Earlier this year 500 UK finance directors received memory sticks in this way and 47 per cent of them ran the application contained in it. Fortunately for them, the sticks had been sent by IT Security group NCC as part of a security awareness campaign. According to NCC, a hacker could have gained access to the directors’ email systems and personal details, and to unreleased trading statements which could have been used as a basis for insider share dealing.
Comments
Join the debate for just $5 for 3 months
Be part of the conversation with other Spectator readers by getting your first three months for $5.
UNLOCK ACCESS Just $5 for 3 monthsAlready a subscriber? Log in