ISACA Points to Limewire Hacking Case to Exemplify the Dangers of File-Sharing

According to ISACA (Information Systems Audit and Control Association) an important court case in the United States, in which a 19-year-old hacker has pleaded guilty to modifying a file-sharing application, draws attention to the risk involved in using this type of software.

The group has recently commissioned a national study of U.S. white-collar workers which revealed that more than one-third, meaning 35% of employees are to blame for having violated their company’s information technology (IT) policies at least once and that nearly one-sixth – 15% of employees have indulged in P2P file-sharing activities at least once at work, thus favoring the frequent occurrence of security breaches and making sensitive business and confidential data vulnerable.

Considering that companies rely on their IT-infrastructure to store and transmit sensitive company, employee and customer data, risky activities including the ones this survey reveals are of significant concern for all businesses,” said John Pironti, member of ISACA’s Education Board. "A single seemingly harmless activity, such as using peer-to-peer networks while at work, can breach the confidentiality and security of an entire corporate network, including all of the documents, data and internal communications that reside on that network. On average, at a company of 1,000 white-collar employees, up to 70 employees are likely using peer-to-peer file sharing while at work often or very often, based on the survey findings. Companies and employees should be very concerned about their personal and corporate data in light of this information.

In spite of these results, however, the opposite appears to be valid. For instance, the telephone survey showed little if any concern on behalf of 65% of white-collar workers with regard to their privacy when using a workplace PC. Another surprise comes from the fact that 63% of them have no worries about the safety of their information while at their work place.

To expand the reports to the Limewire case – it appears that Jason Milmont is looking at five years in jail and addtional fine of up to $250,000 for adjusting Limewire, a popular p2p client, which 15,000 other file sharers then used.

What those users that utilized this version of Limewire modified by Milmont managed to do was infecting their own computers with botnets, which were capable then of doing a lot of harm - like stealing financial information to forming part of a network to go against large Web portals.

To learn more on the Limewire hacking case visit http://tinyurl.com/6zxut3