IBM Accused of Hacking


This is actually a very important case depending on which way it goes.

It could become a landmark case in regards to liability for machines on your network, or actually any traffic originating from your IP range.

A boutique Washington, D.C.-based law firm is accusing IBM of hacking into its e-mail system and is seeking recourse.

The firm, Butera & Andrews, filed suit against IBM and is seeking unspecified damages and repayment of more than $61,000 that it paid to investigate the alleged break-in and repair its e-mail system, according to a copy of the suit, which was filed in April in U.S. District Court for the District of Columbia.

IBM of course wants to dismiss the case stating it’s not their liability.

IBM has since filed papers with the court seeking to dismiss the case, arguing that the law firm failed to state a legitimate claim. Butera & Andrews, meanwhile, have asked the court for limited discovery, allowing it to investigate the matter, which IBM opposes, according to recently filed court papers.

Butera & Andrews charge that an unnamed IBM employee at a Durham, N.C., hacked into its e-mail system. The individual allegedly broke into the system, gained full privileges and was able to download messages at will, according to the complaint.

The firm hired outside experts after it “became aware of facts which suggested that the e-mail server through which the firm operated had been compromised by unauthorized parties” in November 2005, according to the complaint.

It seems like an awful lot of attempts, but really can IBM be held liable? In a way I hope not as it could tide badly for everything if they are made responsible for the activity on all IP addresses registered to them.

The investigation turned up more than 42,000 attempts from over 80 different Internet protocol addresses owned by IBM to acces the Butera & Andrews e-mail system last year, the complaint said.

“Plaintiff cannot state a claim merely by alleging that certain events are ‘tied’ to IP addresses registered to IBM,” the Armonk, N.Y., IT giant said in a court filing on June 30. “Indeed, plaintiff’s argument would be akin to holding AOL liable for intentional misconduct any time an IP address registered to AOL.”

It’s an accurate comparison IMHO.

Source: News.com

Posted in: Legal Issues, Networking Hacking

, ,


Latest Posts:


Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
UBoat - Proof Of Concept PoC HTTP Botnet Project UBoat – Proof Of Concept PoC HTTP Botnet Project
UBoat is a PoC HTTP Botnet designed to replicate a full weaponised commercial botnet like the famous large scale infectors Festi, Grum, Zeus and SpyEye.
LambdaGuard - AWS Lambda Serverless Security Scanner LambdaGuard – AWS Lambda Serverless Security Scanner
LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
exe2powershell - Convert EXE to BAT Files exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows.
HiddenWall - Create Hidden Kernel Modules HiddenWall – Create Hidden Kernel Modules
HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers.
Anteater - CI/CD Security Gate Check Framework Anteater – CI/CD Security Gate Check Framework
Anteater is a CI/CD Security Gate Check Framework to prevent the unwanted merging of filenames, binaries, deprecated functions, staging variables and more.


Comments are closed.