A major UK retailer was experiencing inexplicable losses of goods
from its depots. Money was being lost, but the computer systems stated
that everything was square and correct. CSI Tech consultants were
asked to investigate in partnership with a ‘physical’
security company.
One of our people took a job at a suspect depot so that he could
examine the problem from ‘behind the fence’.
It was quickly discovered that staff could set up dummy accounts,
order goods and then flag them as paid. The people involved were
identified using computer forensic techniques and subsequently removed.
Also, whilst carrying out the audit, it was discovered that the handheld
terminals used in the depot yard connected to the server over an
unprotected wireless connection. Any attacker could sit outside with a
wireless notebook and place an order directly onto the system, then,
using the same vulnerability as previously described, flag it as
paid. They could then simply drive into the depot and collect their
‘pre-paid’ goods. This was discovered before it was exploited.

With our breadth of technical capability, combined with a partnership
with a physical security agency, we were able to infiltrate and prevent
fraud before it really took hold. The internal IT department had
chosen and implemented the sales ordering system and was resistant
to any charge that it could be at fault. If the problem had been
left with an otherwise competent IT department, the solution might
not have been found in time.
Had the vulnerability been made public to the online community or
to other staff in the group, the losses could have been in the millions.
Don’t allow a suspicion of fraud to remain unchecked; contact
CSI Tech.
