Bank teller arrested for $3.2M theft
A Romanian bank teller was arrested for illegally transferring $3.2M into two bank accounts by using his director’s password. There is no detail in the article to describe how the teller acquired the director’s password but this could have been done in a myriad of different ways including shoulder surfing, brute force guessing, or social engineering. In this case, the adversary was a trusted employee and may not have been considered a threat.
http://www.msnbc.msn.com/id/23027131/
This is a great example of how adversaries can be anywhere and even the most secure systems are only as secure as the people who administer them. All the technology we use to secure communications, systems, and data is virtually worthless when someone can acquire the necessary credentials to bypass all that.
It is important to remember that there is more to security than just encryption and buffer overflows. Policy and user education is an equally important aspect.
Comment by Patrick Williams
February 7, 2008 @ 1:10 pm
there’s of course the very famous example of something similar happening here in the US. Amazing stuff…
http://www.time.com/time/magazine/article/0,9171,948323,00.html
Comment by mstie74
February 7, 2008 @ 4:58 pm
That article is marked Monday, Nov. 20, 1978. It just shows how long these problems have been around and how we haven’t learned from our mistakes.
Comment by geld lenen
February 21, 2008 @ 11:28 pm
More interesting how he got the password and how long this went on… It looked like it was later discovered then happened.
This guy should routed his money fast to through some countries 😉