Free Balance of Power Shifted by Victor Karl

all.  George was simply amazing with his ability to shut out all other stimuli and work in a Zen like state on demand.  We actually made a good team since I tended to think out of the box and bring in different viewpoints from George. 
    Geo rgie, as I called him, knew every arcane piece of information on UNIX and Linux operating systems.  I on the other hand knew the Microsoft world well and was intimate with every kind of router, firewall, load balancer and intrusion protection device that may possibly come between my objective and me.  Currently I was browsing through log data, located on an unwitting drone server, located in a small data hosting organization out of Toronto, Canada.  Based on what I saw, this server may be the last relay point before data routed to the home base server.  Whoever was behind the industrial espionage of our client number 3741, knew what they were doing.  We never referred to the actual client by name and each client bore a unique identifier in all internal correspondence or conversations.
    For the uninitiated, good forensic sleuthing, gathering intelligence and then trying to gain access to a protected system is a lengthy process.  Even though I am a huge NCIS fan, do not for once believe that a system that someone wants to be secure can be hacked in a matter of weeks let alone in hours or minutes.  I laugh when McGee proclaims that, “Boss, I am through the firewall” and in seconds is logging onto a secure system.  First, a firewall is just a set of rules that determines what type of data gets through, which is based on defined ports as well as specific IP addresses.  Under the wrong administrator, firewalls can suffer with the ‘Swiss Cheese’ effect with too many holes to protect or it can be extremely limited to a specific data port or IP address severely limiting a hackers options.  Firewalls devices are part of a layered security approach and help create secure zones.  Additional utilities implemented at each tier provide different security functions. 
    The farthest tier from the Internet is typically the most protected and this is where the most sensitive data may sit such as the crown jewels, which in most cases is a database.  If one is lucky enough to find holes to exploit security vulnerabilities or poor administrator practices, there are still a myriad of other security controls to defeat at each layer such as passwords, and encryption at the same time avoiding intruder-monitoring tools that are reporting anomalous behaviors and in some cases automating protection responses.  In other words, beware of artistic license when watching entertainment shows with cyber security as part of the plot.
    Hey Georgie I said, come look at this as I sent my display to the 60 -inch LED screen.  As I did this Jeremy came over, stood behind me and asked “what do you have Mike.”  I pulled up a couple of log files and highlighted some entries from the server and from the firewall logs that the hosting vendor was using.  Based on the destination IP addresses and date and time stamps it appeared that our old friends, using the moniker ‘The Light’ were at it again from deep in China and with obvious government sponsored support.  This organization specialized in stealing trade secrets for use by Chinese corporations.  The Light would target a company through their Internet facing systems, but would also target the weakest link of most companies, which are their employees.  Using directed social engineered SPAM messages channeled at company 3741 employees, they tried to exploit a person’s normal curiosity by enticing them to open up an email and click on an attachment or link in an effort to install malware.  Once malware was active, keystroke loggers will capture credentials, which may include credentials of privileged users, resulting in lost data.  This information is then ‘phoned home ’ to a predefined IP address or series of addresses.  The information now