Hacker: Breaking into Companies is Easy

A convicted hacker has this to say about breaking into corporate computer networks: It’s so easy a caveman can do it.”

identity Thats what Robert Moore, a 23-year-old hacker from Spokane, Wash., told Information Week. Moore is about to begin a two-year prison sentence for computer fraud, which goes to show that breaking into a companys computer system and getting away with it are different matters. Moore was found guilty of stealing telecommunications service after he and a co-conspirator set up a company that claimed to sell telephone service over the Internet. But instead of using their own equipment, Moore hacked into the computer networks of telecommunications companies and other corporations, and routed the calls through those companies networks. The scheme netted over $1 million.

Moore tells Information Week that 70% of the companies he tried to break into were insecure. The main reason? The information-technology departments at these companies hadnt changed the default passwords that the manufacturer put on the equipment that runs the network. Moore would scan the networks for routers, tech equipment that directs Internet traffic, and then scan the routers to see if they were still using the default password. If they were, Moore could program them to allow the data from his fraudulent phone company to pass.

Worse yet, Moore says that the IT departments at the companies he victimized could have easily spotted his activity. If only they looked. Last week, an FBI official told the Business Technology Blog that hackers were so far ahead of the companies they were trying to break into that companies need to assume that they will be hacked. Somehow we think this wasnt what he had in mind.