Royal Dutch Shell Plc  .com Rotating Header Image


By IT4me Posted on Dec 1st, 2009 at 11:36 pm


The story of Gary McKinnon (the Scottish hacker who penetrated US defence security) reveals different attitudes on either side of the pond. The prevailing US reaction might be caricatured as “Guantanamo is too good for him” while in the UK, it’s more like “OK it’s a crime, but remind me again why all those military computers didn’t have passwords ?”. If tried in the UK, McKinnon would likely face the judicial equivalent of a chinese burn. Extradited, he faces a lengthy jail sentence.

What’s this got to do with RDS ? Well, the case may worry those for whom “hacking” is now part of the day job. Many Business Applications need “administrator” access to the GIH servers on which they are forced to run. The CIO’s empire denies this access, one of many “Big Rules” enforced with total rigidity. Faced with business systems failing, support staff resort to “hacking”. One little trick is to turn temporary administrator access (granted for an install or a problem-fix) into permanent access. Another is to borrow a powerful “service account” who password is known but which can’t normally be used “interactively” (by a human). A quick hack makes the account “interactive” and gets the job done. This trick is favoured because it leaves no trace – unlike Garry MicKinnon, who was caught not by some brilliant CSI-style forensics operation but because he left his email ID on screen.

What you think about ‘corporate hacking’ may depend on whether you sit above or below the fault line where top-down “strategy” meets bottom-up reality. Arguably, it is counter-productive because it hides the failures of strategy. On the other hand, it does keep local systems running. Even if misguided, this kind of hacking is at least well-intended.

Those tempted to send the the corporate hacker to Guantanamo at might save some of their outrage for the really bad guys. In March this year, 661 GIH servers were wiped out by a mystery “virus”. Word has it that this was actually not a virus but insider vandalism, hacking of an unambiguously hostile kind whose perpetrator did not obligingly leave their email ID on-screen. and its also non-profit sister websites,,,,, and are all owned by John Donovan. There is also a Wikipedia article.


Leave a Comment

%d bloggers like this: