IsDavisLuEnabledInActiveDirectory? Not any more. IsDavisLuGuilty? Yes. IsDavisLuFacingJail? Also yes A federal jury in Cleveland has found a senior software developer guilty of sabotaging his employer’s systems – and he’s now facing a potential ten years behind bars.…
If this dev had this much access and his work didn’t do any sort of code review, I don’t understand how their CSOC or ISO isn’t on trial along with him.
This is terrible OpSec.
In order for me to create an IAM role, I have to have two different people to approve it, along with the access control team, along with a change review on what the role does and how it will authenticate.
Dev teams cannot access production. Prod teams cannot access code directly. Only machine roles can access databases directly.
We have so many checks and balances that it’s amazing we get anything done.
I work in a high security industry. You’d be amazed at what you can do if you are willing to ignore the process. Our real defense against insider threats is attribution, law enforcement, and incident recovery. By the sounds of it, that is exactly what happened.
I’m guessing it was a small company and/or super legacy systems and processes. I didn’t read the article.