SlideShare a Scribd company logo

Rescued BB&T document 4

I
Ian Murphy 2500+ all connections welcome
1 of 52
Download to read offline
Branch Banking and Trust Technical Security and Information Security Consultation Proposal Prepared by Ian A. Murphy, IAM / Secure Data Systems
Let us begin with a little bit of humor even though we are talking of a fiscally corporate deadly situation; and think back to the theme song of Gilligan's Island. As the song goes, they were out on the three hour tour. When the tiny ship was tossed; but it was not for the fearless crew the Minnow would be lost, the Minnow would be lost. The ship struck ground on this desert isle with Gilligan, the Skipper too, the Millionaire and his Wife, the Movie Star and Marianne and the Professor here on Gilligan's Island! Or does BB&T consider itself like the movie Forbidden Planet; safe as the IT security personnel and the corporate security VP think that they are safe from invasion?
Or is it more like War of the Worlds? or Or The Hacker World and Criminal Enterprises and Others versus the Good Guys. Now what does this mean to Branch Banking and Trust? What it means is that a simple sojourn into the pile of the Internet has provided a basic wealth of information and of the corporate exposure to the Internet work purposes that could be used to exploit your weaknesses that are yet to be known by you, but could be exploited by persons with nefarious and unsavory intentions. The aspect that so many landed on Gilligan’s Island and left without taking them along to be rescued is one thing; or is it to be ―Forbidden Planet where Morpheus and Robby the Robot take control and the Krell are now back in charge after the crew of the rescue ship Versarius were told not to land. This all seems strange to you right now; but the avenues that we are traversing right now are ones that can be both fun and exciting and most of all educational to the corporate multi-state environments and cultures as demonstrated by the inclusive information; or dangerous and lethal to the corporate structure. Now it is said that the best way to introduce yourself to a company or to a potential clients is through networking. That is how this project began. The initial idea was to both ensure that the Corp.; and then it;s high net worth clients along with its high net worth Corp. Clients were made aware of various information, telecommunications, technical surveillance and countermeasures, physical security, and overall total security from any exposure to both the outside world and also to educate to the internal world of BB&T.
While this is not a hilarious situation. It is very well possible that this three-hour tour of the Internet seeking out information about BB&T has been an eye-opening experience and something that can be used to gather and garner new clients and also provide internal concerns being addressed and also from behind high net worth clients and behind high net worth Corp. clients; a possibility of bringing about an educational capability that they never thought of; but the vast potential of expanding the business footprint of BB&T corporation through the subtle use of Humor, Education, quantified and qualified education, the constant reiteration of the Ethical Standards of BB&T and other aspects of these ideas; are to promote BB&T to be as the advertising states: Best bank In Town This is War Games! In addition, this is the game called Global Thermo- Nuclear Warfare and you are a target rich environment. It is of this nature that we present these ideas and basic information that was gleaned from the Internet on this Gilligan’s three-hour tour but found War of the Worlds and Forbidden Planet to be the reality of the situation. The simple fact that BB&T is the desert island and open to exposure through the Internet, along with its clients and its own internal structures is one that should not be taken lightly. The simple fact comes down to that a person or persons in any nation, state, or criminal enterprise has the opportunity to go ahead and exploit some of the vulnerabilities that have been found in this basic three- hour tour. With a much deeper examination and without spending any money, we were able to go ahead and find a number of pieces of information of this jigsaw puzzle that gives us a basic overview of the Corp. and its senior staff along with some of the general staff that have worked for the company and could be brought about to reveal secrets and trade infringements which could put the company in jeopardy.
Now, why would we undertake such a potential examination of BB&T in the first place? Well, the first reason is due to the fact that we are a potential high net worth client and have brought a number of other accounts to the corporation itself through our personal contact, which we are very grateful to have and have found that there intuition and inspiration along with my personal education to this person has been one of an eye-opening experience. BB&T has a long history of being a conservative banking institution, as it is well-known and then outlines in this document. To repeat, what is already in this document concerning the history of BB&T is a useless waste of time. But the interesting fact is that the simple gathering of information about BB&T and its operations, and the potential of its operations being disrupted, or possibly compromised in a situation that will or could be both publicly embarrassing as most corporations will not reveal that they have had their systems compromised; and will only do it on a quiet basis to their affected customers and clients offers a unique ability to go ahead and overrule such capabilities before they occur. Please think back to the T.J. Maxx incident of 10 million debit and credit cards numbers being stolen.
Now as Gilligan; without much knowledge of your basic operation in general; I was able to gather up a number of interesting pieces of the puzzle of BB&T. But with a concerted effort authorized by BB&T; a technical surveillance and countermeasures program would be put in place along with information warfare and security program and a basic educational program for all employees to recognize the threats that come from the outside and internal workings of BB&T Corp., it basically comes down to this one simple point; that the exposure of BB&T, or any other corporation strictly is dependent upon the ability of the corporate entity to realize that it has weaknesses are being exposed on the World Wide Web in a multitude of fashion and fashions due to such actions as MySpace or Facebook, or any other social networking site, Wi-Fi, also conference attendance without proper ethical and legal and information warfare instructions and training to know when the fact that so-called aspects such as social engineering or business intelligence is being conducted without their knowledge for the benefit of the competitors for their clients. In simple terms, were are technicians, not politicians. WE report our findings and it is up to you to make the call to insure your business integrity or not. In reference to the high net worth clients and high net worth corporations who are also clients; the ability to offer a technical security team at of course, a premium to the client gives them both peace of mind and the ability to contact a corporate security officer, who would then coordinate a specified response to the clients needs. This can also be accomplished due to the fact that there is an insurance division of BB&T and would be considered an additional insurance policy provided to the client at a small premium due to the fact that most clients will not have the need to have such specialized electronic and physical security evaluations on a continual basis. Of course, there are those clients that need special handling that will require a prerequisite of physical, electronic, electromechanical and over all technical surveillance and countermeasures capabilities available at the ready upon the client’s request. That type of particular clients is one that is required by the company and wishes to be capped by the company as a client and this type of service is one that gives the client peace of mind.
The same way that BB&T has a corporate security officer in charge of investigations who is a vice president and that BB&T also has a disaster recovery program in place for its information systems; but does BB&T have an over all security program in place and operational for the requirements of the needs of the corporation at the time of the need to Corp?
During this sojourn of a three-hour tour of the Internet in basic research of BB&T Corp. were able to find the chairman of the board's home address, the political action committee, a number of employees, both past and present, the recent new employees and their positions and titles, their addresses of their homes, which gives us the capability to find out even more about them and to possibly use them for nefarious purposes. If that was our goal. But since our goal is to act as a protective shield for BB&T Corp., and to allow us the capabilities of both sweeping particularly sensitive areas and allowing the director of corporate security to place his input in along with our input as a total team commitment offers up a security overall protective force field . An overall, bubble that should be put in place immediately. Information is power, knowledge is power and the Internet provides so much power into the hands of the potential adversary to the Corp. or to the potential competitor for both clients, corporate information, high net worth abilities and clients, and over all business intelligence is one that should be considered by BB&T to be unacceptable, and not insurmountable.
Now, while the aspect of an specialized outside team coming in with fresh objectified eyes and offering its expertise and mindset from a standpoint that is much different than the current security operations of BB&T, or any other former or current client organization has always been one that has been a delicate dance that offers up the chance to step on some toes at times, and anchored dues paying for results that are not advantageous to the current corporate security posture. In this aspect; our goal is not to go ahead and produce an untenable situation where the BB&T security operations are left open to compromise and to conflict, but to enhance the security operations through new ideas and unique capabilities that are currently not in the BB&T security operations theater.
Just why would such efforts to discover BB&T’s Background and weakness? With just a few short hours of research, we were able to come up with a small sample of your total exposure to your corporation which makes it vulnerable to compromise and breeches. A person seeking to do damage or other nefarious deeds could dig deeper with more time and a systematic plan of attack on your networks. A concentrated penetration attack upon your infrastructure includes, physical, electronic and electro-mechanical . One type of Attack would be with ZeuS or SpyEye as simple examples of you possibility of attack without your knowledge. Here is a small example of just some of the outlets of ZeuS: 1. “Kneber” = Zeus | Symantec Connect Feb 18, 2010... being reported as a new type of computer virus known as ―Kneber.‖ In reality Kneber is simply a pseudonym for the Zeus Trojan/botnet. ... www.symantec.com/connect/blogs/kneber-zeus - Cached - Similar ► 2. New trojan virus Zeus v3 empties online bank accounts | Mail Online Aug 11, 2010 ... The latest attack involved a Trojan called Zeus v3 which hides inside adverts on legitimate websites. Once installed on a home computer, ... www.dailymail.co.uk/.../New-trojan-virus-Zeus-v3-empties-online-bank-accounts.html 3. Computer Virus Attacks Cobb County Woman - News Story - WSB Atlanta He actually tracked the origin of the Zeus virus to a hacker in Russia. The program sits on your computer until you sign on to a financial ... www.wsbtv.com/news/19022761/detail.html - Cached - Similar 4. Computer Virus: Zeus Virus: Becoming more powerful Apr 22, 2010 ... Zeus virus comes of revision 1.6 with the capability of attacking Firefox and Internet Explorer. A truth that gives a chance for the Google ... creatingcomputervirus.blogspot.com/.../zeus-virus-becoming-more-powerful.html - Cached 5. New Study Finds Computer Virus 'Zeus Bot' in Internet Postcards ... Jul 25, 2009 ... A computer forensics study reveals that phony Internet postcards presently hitting users' inboxes contain a PC virus called Zeus Bot. www.spamfighter.com/News-12877-New-Study-Finds-Computer-Virus-Zeus-Bot-in-Internet- Postcards.htm - Cached - Similar 6. Zeus Virus Malware – Most Software Cannot Detect This Trojan zeus virus malware Zeus is a financial malware. It infects consumer PCs, waits for them to log ... The safety of your computer is within your own hands. ... thepcsecurity.com › News - Cached - Similar
7. Computer Virus Zeus V3 Hits Large UK Financial Institution And ... Aug 11, 2010 ... Thousands of online banking customers have had their accounts drained by a sophisticated new computer virus, internet security experts say. news.sky.com/.../Computer-Virus-Zeus.../201008215681025 - United Kingdom 8. U.S. Makes Arrests in “Zeus” Computer Fraud Oct 1, 2010 ... By Jane Jamison Let this story on the Zeus Trojan serve as your ... Tagged as: bank fraud, computer, phishing, trojan, virus, worm, Zeus ... www.uncoverage.net/.../u-s-makes-arrests-in-zeus-computer-fraud/ - Cached 9. Two held over ZeuS trojan virus that steals personal data ... Nov 18, 2009 ... Computer hacker The Zeus or Zbot virus can steal users' bank details, passwords, credit card numbers and other information. ... www.guardian.co.uk/technology/.../zeus-zbot-trojan-virus - Cached - Similar 10.Hackers Use Zeus v3 Virus to Target Bank Accounts Aug 15, 2010 ... Zeus v3 Trojan Virus Malicious hackers are targeting people in the UK with a dangerous computer virus called Zeus v3 to wipe out bank ... www.wpsecuritylock.com/beware-hackers-use-zeus-v3-virus-to-target-bank-accounts/ - Cached Well to answer the question; it is very simple. The ideas presented are for both the corporation and for it’s corporate clients and to also provide security consultation to high net worth clients and the general public customer. If you are selling Quicken to everyone, why not sell security as well as part of the package too? The various stages of security consultation for the company are to include Technical Surveillance and Counter- Measures, Information Systems Security (you just got hit with a virus a few months ago if memory serves me correctly) and to provide a service that no other banking institution could offer with the various insurance and other service besides banking to customers, employees, clients and others who would require and could be provided as a service for a fee to the clients through the Corporate Security Division. If the banking side of the house and the insurance side of the house were to combine in a manner that offers such services as a piece of mind service to the customers, the exponential value in Goodwill and customer loyalty grows each and every day with them knowing that their assets are protected to the very best security science can offer. From the Technical security & counter-measures side inclusive of all computer systems, employee awareness and other aspects of Information Warfare counter-measures to the protection of vital and needed corporate data and programs secure. Currently you offer Quicken as part of a service that comes with the customer experience territory. A very nice offering indeed. No other banking institution that we know out there wants to serve the customer with such unique service and offerings. But along with the Quicken service, maybe the thought of providing to the general customer something that we have not seen in any other banking concern. The possibility of making aware the average customer of Information Security and their banking needs and your services.
This can be done as a networking type of event with an after business hours event to allow those who are concerned with their own security for banking purposes; or their business concern’s in addition a chance to meet and greet other clients who wish to network their own business and maybe share their horror stories of Information Security and a chance for all attendee’s to learn and share both business stories, information horror stories, provide a number of vendors of security service such as the team presented to you in this very basic proposal and the chance for them to interact with the clients and to also provide the Banking side of the house the chance to join in a lively open discussion with the clients as to their needs both banking and of their own security concerns. . This following web page comes from your web site and should be more prominent in it accessibility. While we applaud the effort and the sincerity of such a web page, it was only discovered by a web search of BB&T Information Security policies and procedures. So no one really reads it : Protecting Your Internet Activities and Electronic Data With more of our financial activities occurring over the Internet, it is important to be aware of risks these activities entail and steps you can take to reduce the risk that someone will illegally gain access to your private information or financial accounts. Common Internet scams Auction fraud - This may take many forms including emails saying you have a second chance to buy an auction item, non-delivery of an item purchased in an auction, defective merchandise or receiving cheaper merchandise. Advance payment frauds - Emails asking for help in getting money out of a country or advising you that you won a lottery lead to requests for money to cover legal fees, taxes, bribes, processing costs and taxes. Phishing - Emails notifying you that an institution or store need confirmation of account information lead to a fake (or spoofed) website that looks legitimate but is just a place to disclose personal information to fraudsters. BB&T will never ask you for confidential information through email or pop- up windows. Hot stock promotions - Emails, online newsletters and bulletin boards may be nothing more than a scam artist's attempt to have you drive up the price of a stock so they can sell their shares. This is often used with cheap and thinly traded stocks. Protecting your online activities Be careful using public computers. Using a computer at a cyber café or a free computer at a trade show can be dangerous. The computer may be programmed to capture user names and passwords. If you use this type of computer, make sure no one is looking over your shoulder to memorize your personal data and be sure to sign off when you are done.
If you are using the Internet for financial transactions, be sure the sites you visit are secure. Most secure sites have URLs that start with "https://" instead of the normal "http://." Some websites may display a logo indicating it is secure, but make sure you know the site is one you trust. Wireless Internet networks have become common and convenient. Some are secure and some are not. Be careful using wireless networks that are free and not secure. Wireless home networks deserve attention as well. It may be time consuming or more expensive to have a secure network at home, but that is better than having a fraudster sitting in a car on your street monitoring your activities and gaining access to your files and information. It is important to install anti-virus software on your computer and keep it up to date. The safe holds true for firewalls and security patches for your operating system. Passwords Many websites you visit require a user name and password. Having a strong password will make your online activities safer. Unfortunately, many passwords are chosen to be easily remembered rather than to protect the user. Some common passwords that hackers could easily guess are password, user name, your real name, your address, 123456, abcdef, or just a number. With just a four- digit number, there are only 9,999 combinations and a sophisticated hacker could probably figure that out in seconds. Strong passwords are at least six characters long and preferably eight. They should contain a mixture of upper and lower case letters, numbers and special characters (#, $, ^, &,!,?, {, >, etc.). They should not be based on personal information and not be based on words found in a dictionary. The difficulty of long and mixed passwords is that they can be hard to remember. One suggestion is to create a password from a sentence that you are likely to remember. For example, start with the sentence "My children John and Mary are 12 and 16 years old." Then use the first letters of the words, characters and the numbers to create the "McJ&Ma12&16yo" password. Changing passwords often and using different ones at different websites also increases protection. Keep any written record of your passwords in a safe location. Disposing of CDs and diskettes The best way is to physically destroy the CD. Shred it if you have a shredder that can handle it without difficulties. Otherwise, you can break the CD into pieces. Be careful and wrap the CD in a paper towel to avoid shattered plastic. Diskettes can be formatted to remove the data if you plan to reuse them. Otherwise, it is a good idea to break them into pieces or shred them.
Disposing of a PC hard drive With the ways you use your PC and financial software you may use, think of the highly sensitive information that is stored on your hard drive. It may have tax returns, investment records, financial account information, and other personal data. It may also have records of your user names and passwords used at dozens or hundreds of websites. This is information that must be removed before disposing of an old PC. Unfortunately, it is extremely difficult to completely erase that data from your hard drive. Deleting files and even formatting your hard drive does not completely remove the data. With the right tools, a skilled technician could reconstruct your data. There are some software products that claim to overwrite an entire hard drive and make it impossible to recover the data. A better, easier and cheaper solution is to remove the hard drive and physically destroy it. If you are considering disposing of, donating or recycling a PC, protect yourself and your data by removing and destroying the hard drive. Protect Your Identity Review what BB&T does to help protect your identity. The statement of the above is very true and most enlightening indeed for the average user; but then come some meat on the bone to bring home the facts of reality about the corporation: Here is an example of the BB&T Computer and Utility suppliers BB&T Computer Network TOWER ASSOCIATES, INC. Owners & Operators of the BB&T Building Leasing - Brokerage - Property Management - Development 1 West Pack Square, Suite 1701 Asheville, NC 28801- 3481 Phone: (828) 210- 8155 "A Recognized Asheville Landmark"
PROFESSIONAL SERVICES In addition to owning and operating one of Asheville’s largest multi-tenant office buildings, Tower Associates has numerous relationships to offer a variety of professional real estate services including leasing, brokerage, development, relocation coordination, construction services, and advanced technology services. With many years experience, Tower Associates can consult with investors to research, locate, and develop investment opportunities. Services are also available through Tower Associates to work with out-of-area brokers to find the right location to satisfy tenants’ needs. Tower Associates has partnered with strategic technology and energy leaders to provide tenants the most advanced services. These partners include AT&T, Charter Communications, Progress Energy, and PSNC (Public Service Natural Gas Company of North Carolina). The BB&T Building boasts 3 fiber optics feeds providing extraordinary telecommunication capabilities. Specific association with TAIS Web, an advanced computer technology company located within the BB&T Building, enables on-site voice telecommunication, phone devices, voice mail, computer networking, network wiring, computer repair, broadband Internet access, and web design services. I would like to thank you for the keys to the front door as it may very well be.
Exposure points found just on the 3 Hour Tour This is one of your guys out there on the net advertising his past with BB&T. This is a policy that must be changed and enforced to insure the corporation’s security integrity is not placed in jeopardy. Desktop Support Specialist BB&T John Shrum Active Directory (AD) Systems Administrator (SA), General Dynamics Information Technology (GDIT), NASE, CONUS-TNOSC. Tucson, Arizona Area Contact John Shrum Add John Shrum to your network Current Active Directory Systems Administrator at General Dynamics Information Technology Past Desktop Support Specialist at BB&T Infrastructure Specialist at Digital Persistence Refresh Specialist at Dell Computers John Shrum’s Summary John Shrum 5138 Camino Del Norte Sierra Vista, AZ 85635 205-369-0124 (Public Company; BBT; Financial Services industry) January 2010 — June 2010 (6 months) Increased efficiency for BB&T Bank end users and profits by successfully performing project related installations for 26 branches within the scope of the project per contract agreement between BB&T, DCI (Digital Communications, Inc.) and TekSystems/Allegis
Performs installation and setup of Network Cabinets, Routers, Switches, Servers, PC's and Accessory Device Network Cabinet installs consist of locating the proper T-1 Circuit and DSL backup circuit Properly connecting and dressing the cabling, plugging the whiptails into the switch Punching down the crossovers cabling Verifying the UPS and server are up and operating normally Consoling into the router to verify proper configuration of the router PC installs consist of performing configuration and updates to PC's placing the fresh monitors to be used with the legacy PC's until second stage is performed Placing fresh PC's in proximity of the legacy PC's with appropriate peripherals' including MICRs, Validators and Check scanning devices Final stage consists of placing fresh equipment in operation, removing legacy equipment Performing data migration insuring data is not compromised Directing users log on and mentoring them through user specific configuration Recording and reporting inventory for fresh and legacy equipment So now, I have a decent way of understanding your infrastructure and see your guts from a new perspective. In another words; Gottcha! More on the company BB&T Bank Building Tower in Atlanta $150 million tower to be anchored by banking firm KEVIN DUFFY; STAFFTHE ATLANTA JOURNAL-CONSTITUTION Updated: 02-6-2009 12:30 pm The metro area's fourth-largest bank will anchor a new $150 million office tower at the massive Midtown development Atlantic Station. The 25-story skyscraper, under construction at 271 17th St., will be Atlantic Station's third office building and its tallest. Construction is expected to be finished in spring 2009. BB&T Bank, headquartered in Winston-Salem, N.C., signed a 15-year lease on 80,000 square feet and will move its Atlanta headquarters to the site. The bank spent 18 months looking at more than 40 existing and proposed projects before deciding on Atlantic Station, said Lars Anderson, president of BB&T's Georgia operations. "This move will help us bring employees from across our financial services spectrum to 17th Street," Anderson said. BB&T's 200 Atlanta employees are scattered among three buildings in Buckhead. BB&T will open a branch in the lobby of the new building and occupy floors eight, nine and 10 initially. The tower will give BB&T an opportunity to make a much bigger statement in Atlanta. The company plans to display 19-foot illuminated letters on all four sides of the structure, Anderson said.
Some examples of your employees that have shared their employment with others on the net! 26 Employees of BB&T Bank Renee Pierce 28 yrs, luna777 Purcellville, VA Bb&t Bank Banker Luck Stone Loudoun Valley High ... Click to learn more about PeekScore Alisa Spiker 33 yrs, spike1531 Culloden, WV Bb&t Bank Bookkeeper Accounts Payable Clerk Clay Center For The Arts & Sciences Wv ... Click to learn more about PeekScore Jennifer M. Irvin 29 yrs, jennirvin Mechanicsville, MD | Piney Point, MD | Madison, NC Schoenbauer Furniture Service Reeves Insurance Agency Bb& T Bank ... Click to learn more about PeekScore
Kayla Parker 19 yrs, maylakay_06 Ringgold, GA Bb&t Bank Northwest Whitfield County High School Dalton State College music ... Click to learn more about PeekScore Mary A. Lorza 28 yrs, mary_lorza Pooler, GA | Savannah, GA Suntrust Bb&t Bank Relationship Banker Financial Service Rep. ... Click to learn more about PeekScore Jessica Keehn 24 yrs, jessk72485 Newburgh, IN Bb&t Bank Teller Unemployed At The Moment University Of Louisville ... Click to learn more about PeekScore Lisa Martin 25 yrs, lisamartin55 Demorest, GA | Gainesville, GA Bb&t Bank Bank Teller Click to learn more about PeekScore
Antonio Daure, antoniodaure Stone Mountain, GA Bb&t Bank Senior Teller Relationship Banker accounting banking ... Click to learn more about PeekScore Jamie Taylor 27 yrs, juicyjamielove82 Berryville, VA Work Bb&t Bank Bank Teller tv ... Click to learn more about PeekScore Michael Runyon 22 yrs, runyon88 Charlottesville, VA Bb&t Bank Teller Mountain Valley Corp. William Monroe High ... Click to learn more about PeekScore Mary Grubbs 62 yrs, mary1670 Woodstock, VA Bb&t Bank Robber Central High School family ... Click to learn more about PeekScore
Jessica L. Raper 28 yrs, tigerjesslynn Mableton, GA | Cleveland, TN Bb&t Bank Bradley High School reading bowling ... Click to learn more about PeekScore Grace Mcewen 24 yrs, grace24124 Harrisonburg, VA Wal-mart Journeys Bb&t Bank Teller ... Click to learn more about PeekScore Charlotte Murphy 45 yrs, craftygirl1965 Tucker, GA Banking Bb & T Bank Sangrias Mexican Cafe Lakeside High School ... Click to learn more about PeekScore Lisa Pue 27 yrs, misslisapisa Suisun City, CA Best Buy Bank Of America International Bank Of Commerce Bb&t Bank ...
Colin Pone’s More IT employees on the net Current IT Risk Management - Project Manager at BB&T Past Information Security Officer at Greystone Bank Divisional Senior IT Manager at The Cheesecake Factory IT Manager at The Cheesecake Factory 4 more... Education ECPI Technical College Nash Community College Recommendations 3 recommendations Connections 22 connections Industry Information Technology and Services Colin Pone’s Experience IT Risk Management - Project Manager BB&T (Public Company; BBT; Financial Services industry) June 2010 — Present (6 months) Audit/Regulatory Liaison. Work directly with the FDIC, NCCOB, OTS and other regulatory examiners for all IT examinations. Manage internal audit findings and work with LOBs to mitigate risks. Serve as Process Action Team member to reduce Information Security risks and provide training to management as appropriate. Compile, review and provide external auditors and regulatory examiners with requested documentation.
Information Security Officer Greystone Bank (Banking industry) June 2009 — July 2010 (1 year 2 months) * Business Continuity / Disaster Recovery Planning/Testing * Regulatory Examinations as CTO (FDIC, NCCOB) * PCI Compliance Management * User Access Process Control / Auditing * Information Security Program/Policy Management * Incident Response Plan Management * Business Intelligence Report Creation * LAN/WAN Integration * Virtual Environment Process Control Divisional Senior IT Manager The Cheesecake Factory (Public Company; CAKE; Restaurants industry) February 2008 — March 2009 (1 year 2 months) • PCI Compliance Management • SOX 404 Compliance and internal process auditing • Manage Information Technology for the manufacturing division of The Cheesecake Factory which consisted of 22 Servers, 300+ users, two manufacturing plants and a corporate office facility while reporting to the Senior Executive Vice President of Operations and Corporate CIO. • Devise and Manage divisional capital IT budget exceeding $900,000 for 2008 and exceeding $600,000 in 2007. • Manage all Ross ERP decisions, updates, upgrades and module implementations including but not limited to WMS, Maintenance Management, MES, Requisitioning, Supply Chain etc. using SDLC • Constructed and managed eCommerce Distribution department responsible for packaging and distributing all online cheesecake orders to customers. Department consisted of 4 permanent and 60 temporary employees. • Analyze all divisional business processes, devise plans for technical process improvements and determine the areas of impact for Information Technology. • Analyze all business processes and determine the areas of impact for Information Technology.
IT Manager The Cheesecake Factory (Public Company; CAKE; Restaurants industry) February 2006 — February 2008 (2 years 1 month) • Setup all IT functions at new manufacturing facility including but not limited to network layout, wireless infrastructure, server installation, phone system configuration, desktop purchase and installation, IT policies and procedures, etc. • Manage all ERP module implementations such as WMS, Maintenance, MES, Purchasing, etc. • Manage the creation of all Business Objects reports exporting data from Ross for KPI reporting, Outstanding PO’s, Ship Orders, Maintenance Work Orders, Requisitions, etc. • Manage IT related capital projects in excess of $500,000 in 2006 and report to Vice President of IT at our corporate headquarters in Los Angeles, CA. • Monitor and maintain 4 file servers, 2 Soleris Micro Lab servers, 2 Intellex Security Camera servers, 2 SQL Servers, 1 Backup Domain Controller, 1 Backup/Print server, a 2003 Exchange server and 12 additional servers that serve as disaster recovery for corporate. • Setup and implemented Avaya Partner Phone Messaging system, created mainline menus, directory listings, submenus, department and user mailboxes and our Inclement Weather/Emergency Hotline. • Create Microsoft Access databases for departments as needed such as the PQG Process Control Database for Quality Assurance and the Key Production Indicators Database for manufacturing to enter, modify and report on daily production data. • Implemented Neogen Soleris LIMS for Quality Assurance and configured remote network connectivity software to view test results remotely through our VPN. • Manage and maintained Production Data Integration System that retrieves data from each piece of equipment in manufacturing by connecting to PLCs, cameras, photo eyes, various sensors and data entry screens in production. • Implemented digital video security server system. Installed 4 INTELLEX servers in the MDF and 48 security cameras throughout the interior and exterior of the facility.
IT Project Manager / Network Administrator Wachovia (Public Company; WB; Banking industry) February 2004 — February 2006 (2 years 1 month) • Manage projects that affect all of the users at the Greenville, NC and Winston Salem, NC locations and delegate specific parts of the project to supporting technicians. • Present project proposals to Senior Management and provide weekly project status updates. • Hold regular meetings with consultants, offsite personnel and senior management to align decision making, ensure proper support and prepare for disaster recovery. • Support network infrastructure, connectivity and assist in 10 bit to 100 bit local network upgrade. • Design technical project layouts and delegate specific parts of projects to project teams. • Manage Lotus Notes software upgrade from R5 to R6 and find resolution for all issues associated. • Support Inova Lightlink reader boards, applications and associated servers. • Troubleshoot and support Windows NT/2000/XP workstations, 2000/2003 servers and network issues. • Remotely support out-of-state users utilizing NetOP remote control and Terminal Services. • Responsible for testing applications in Test environment prior to Production deployment. • Inform helpdesk management of common issues and provide detailed instructions for resolution to later be uploaded to our knowledgebase. Network Administrator Purdue Pharma (Privately Held; Pharmaceuticals industry) February 2003 — February 2004 (1 year 1 month) • Manage technical projects such as Exchange 2000 migration from 5.5 with Active Directory integration. • Support SAP ERP modules, implementations and end users in manufacturing. • Created a multi-subnet environment to separate the manufacturing and office networks for FDA Part 11 compliance. • Create, modify and maintain user/group accounts and support all voice and data operations. • Manage and support a Windows NT/2000 environment utilizing Active Directory, Terminals Services, Server Manager, User Manager and Norton Ghost. • Accountable for server backup procedures, execution, SOP revisions and offsite storage. • Support all Microsoft software applications as well as SAP ERP module implementations, LIMS, POMS and Millennium software. • Image desktop workstations and servers using Norton Ghost - Ghostcast. • Setup and install servers, switches, blades, tapes drives and various other types of hardware. • Setup digital phones lines, extensions, categories, etc. through the Meridian phone system.
Subject Matter Expert - Desktop/Server Support Electronic Data Systems - EDS (Information Technology and Services industry) May 2001 — February 2003 (1 year 10 months) • Supervise Windows Server and Desktop support team • Set schedules based on call volume analytics • Monitor agents for compliance and quality assurance management • Support user issues on a Tier 3 level as needed • Coordinate and train agents on newly supported products/applications and maintain training materials. • Assisted in the design and maintenance of USPS Knowledgebase website used to guide agents through support issues/FAQs Image Processing Analyst II BB&T (Public Company; BBT; Financial Services industry) March 1999 — May 2001 (2 years 3 months) • Maintain files and statement data on Unix servers as administrator • Migrate statement data from RAID to OPTICAL Jukebox platters monthly post statement printing • Review and image fraud checks as needed and made system updates as appropriate • Managed Image Library software for commercial customers and ensured all check images were properly imaged on CDs for customer distribution Colin Pone’s Education ECPI Technical College BS , Information Technology , 2000 — 2001 Graduated with Honors with a 3.8 GPA Nash Community College College Transfer , Computer Science
Colin Pone’s Contact Settings Interested In: career opportunities consulting offers new ventures expertise requests reference requests getting back in touch This one is a killer as well IT Project Manager Post Job For Free Country: United States State: North Carolina City: Charlotte ZIP: 28226 Posted date: 10/27/2010 Posted by: Name is not set. Email: dhartu@r.postjobfree.com Contact Info: ******@********.**.*** Show Contact Info (premium) Send Message (free) Map Data - Terms of Use Resume Text: Contact job seekers directly. PostJobFree Premium Membership is only $20/month. STACY R MEHLMAN 4808 Waterford Knoll Drive Charlotte, NC 28226 (704) 519 – 9301 EDUCATION • New York Institute of Technology Degree: Bachelor of Arts/Communications Technical Classes: • Novel 3.12 4.11 • Microsoft Administrating Windows NT 4.0 • Microsoft Windows NT 4.0 Core Technology • Telecom: Centigram PBX APPLICATIONS AND SYSTEMS KNOWLEDGE EXPERIENCE OS and Application Support: Windows XP, Windows 2000, MS Office 2007, MS Outlook 2003 , Office Pro 2003, 2000 & Pro, Lotus Notes 7.0, Explorer 6.0, 7.0, 8.0, Adobe Reader 7.0, 8.0, Adobe Acrobat Standard, Adobe Acrobat Professional Hardware Support: Blackberry - Verizon 8830 (Curve), Verizon 9630 (Tour), IPHONE, HP Monitors and PC’s (Lenovo T400 laptops, IBM ThinkPads, Logistic Webcam Pro 9000,
KNOWLEDGE Aspect Winset for Windows, WebXtender, Communiqué web conferencing, AS400, Peregrine system (Service Center, Get Answers), Oasis Softphone, Emerald Mainframe, Go To Assist, SMS Systems Management Server 1.2, 2.0 (SMS), SMS Remote, SCCM Remote Control, Avaya Messaging, Microsoft Active Sync, DTS Synchronizer SYS Point PE, Mana PE Disk, MS System Center Configuration manager 2007, HP Service Manager, Lotus Sametime 8.0.2, BlackBerry Enterprise Server Management, Blackberry Application Loader, Blackberry Device Manager. Verizon VZAccess Manager, Java PROJECT PROFILES AND EMPLOYMENT HISTORY Premier Mutual Fund Company: Charlotte, North Carolina Desktop Support Services – June 2009 – Present August 31,2010 • Support companywide internal users at multiple locations and facilities • Technical support of the desktop hardware and software computing environment. • Serves as the interface to the Support Center and other IT groups for issues that must be elevated beyond the Desktop Support Services organization • Coordinates desktop hardware and software acquisitions and upgrades • Deploy, set-up PCs, Laptops, and Printers • Provides computer hardware move coordination and support • Provide desktop support for the installation, configuration, and ongoing usability of desktop computers, peripheral equipment, software, Break Fix and Service requests • Resolve desktop support requests and inquiries in a timely manner • Maintain an inventory of IT assets and perform updates to the IT asset management database • Specializing in Blackberry support- Trouble shooting hand held issues swiping, enterprise activation, synch issues, adding/deleting components, password changes, connectivity problems, Blue Tooth setup, upgrade Blackberry OS • Worked with BES Management, BAM Notes services • In addition, as the Desktop Support Specialist, I participate in special projects and perform other duties as assigned BB&T: Charlotte, North Carolina Migration Technical Support Specialist Oct 2008 - Dec 2008 • Onsite Deposit Migration Team support • Converted external corporate customers from their current desktop application to a new web-based version used to initiate the application • Scheduled migration and training session with clients • Initiated the removal and installation of new supporting software application and drivers for the scanner device for the web-based version • Trained users on the new application • Used Web conferencing • Used Access database to track client information • Assisted web-based clients with questions and issues with the implementation of the authentication security questions • Reset passwords, security questions, and resolved lock outs • Advised on how to add / delete users • Assisted in editing user setup
• Provided instructional and technical support, as well as customer service to external customers utilizing BB&T’s onsite deposit application • Provided product knowledge • Analyzed / resolved customer issues • Answered questions and resolved problems while exceeding required time frame expectations Wachovia Bank: Charlotte, North Carolina Technical Helpdesk Analyst April 2007 – August 2008 Wachovia Technical Consultant • Single Sign On Training / Migration Project support • Provided instructional and technical support, as well as customer service to both internal and external customers • Utilized Wachovia Treasury Services Application • Recorded and tracked each customer interaction in Call Tracking and Problem Solution database • Reviewed, analyzed and evaluated business systems and user needs as they related to Wachovia Treasury Services • Converted 130k external corporate customers from their current URL to a new URL landing page used to initiate all online applications • Provided instruction and guidance to customers so they could manage through the URL migration process • Created new logon ID's, passwords and bookmarks in support of the migration • Installed digital certificates, setup security questions and multifactor devices • • Assisted with Internet explorer issues such as: Script errors, options, browser and HTTP settings, connection issues, activeX controls, tool bars, security, trusted sites and printing issues • Assisted with customer inquiries on accounts, balance and transaction information, and user id validation/deletions. • Analyzed / Resolved User Problems on current system • Resolved problems while exceeding required time frame expectations • Reset passwords, logon violations, and lock outs • Advised on how to add users / delete users, • Assisted with setting the user access functions • Identified / tested/ reset/ and unlocked tokens • Processed customer request modifications (CRM) • Added / deleted accounts • Removed profiles • Added function and provided access • Worked closely with Tier II support to expedite and resolve customer issues American Technical Ceramics: Huntington Station, New York Account Representative / Sales March 2003 - February 2007 • Sales Department working with Buyers. Purchasers, Engineers • Customer Service • Provided product knowledge, process quote requests, and process purchase orders, set up new accounts for Customers, process credit references, resale certificates, client contact information
• Analyzed / resolved customer issues • Expedited orders to meet customer's needs, furnished invoices and proof of delivery for invoice payment • Tracked customer orders and resolved late, missing, and partial shipments • RMA's - Processed return material requests and provided support to customer • RO's - Processed replacement material orders and provided pricing and delivery information • Worked with accounts payable for credit line increases, resolve over credit limit and billing issues • Internet orders • Processed & updated online orders, setup customer authorizations, resolved & analyzed issues pertaining to Credit card problems, incomplete data on orders, order tracking and back orders Verizon / Bell Atlantic / RH Donnelley: New York City and Long Island, NY System Analyst/ Field Support Sept 1998 - July 2001 • Desktop Support of 900 users at 3 locations using Windows NT and MAC OS 8, OS 9 • Analyzed / Resolved end User Problems • Help Desk support • Used Expert Advisor 3.5 to log & track issues • Provided solutions to problems while exceeding required time frame expectations • Helped maintain function for all users PC's in multiple departments • Assisted off site users with SMS Administrator • Assisted Telecom Department in analyzing problems • Setup data jacks, changed phones and setup Voice Mail Boxes • Completed upgrades / installations • Applied upgrades to software, patches, and fixes from vendor when necessary • Installed & removed user software applications • Helped with migration of email service from Outlook98 to Lotus Notes • Created User Workstations Environments and Network Printers • Used Ghosting to perform this task • Setup user profiles, Protocols, Domains • Installed Drivers for network, printer, audio, video, display, and modems • Purchasing Supplies / Vendor contacts o Contacted manufacturers or Vendors for hardware replacement, purchase and/or product returns o Kept up to date inventory checklist of all equipment including • Laptops, Desktops, printers, accessories o Cleaned out logs of all old equipment, old end-users and maintained all equipment asset information through SMS • User Training o One on one training of software applications • Hardware o Setup user stations and Network Printers o Resolved functional problems First Card NBD: Uniondale, N.Y LAN Administrator Asst. / Desktop Support April 1997 - September 1998
• Desktop Support of 3000 users using Windows 3.1 and Windows 95 • Analyzed / Resolved end User Problems • Call in Center support • Used MS Access to log & track issues • Provided support and taught application usage • Performed PC Upgrades and relocations • Used NWAdmin 4.1 to maintain LAN information for users, servers, printers and software • Used ArcServe to control daily backups of all servers, restoring of files • Network Conversion support • Helped with the construction of server units, printers configurations (SYMS and LAN Cards) • WIN 95 Roll Out support • Upgraded PC's, installing software applications, new images when needed • Resolved user problems through NetWare 4.11 NDS System and at users workstations • Supported conversion from Token ring to Ethernet • Responsible for rewiring the LAN connections to the new hub, data jakes, and PCs • Performed installations of new NIC cards The only thing that this employee forgot to add is if she was married, had kids or just Party Animal on her resume! BOB Meyers in for as your information security chief. So let me guess; a former fed of one type or the other, a high-ranking ex-cop, maybe military cop and officer or all of the above. Congratulations, you brought on-board a hound dog that can sniff out a crime AFTER the fact, not before it occurs due to a possible lack of understanding of the ever changing world of technology. Robert Myers Title and Company: VP-Corporate Security Corporate Manager of Investigations at Bb&T Corporation Company Address: 200 West 2nd Street Winston Salem, NC 27101-4019 Join Spoke to learn more information about Robert
Search for Robert Search for Robert on Facebook Search for Robert on Linkedin Search for Robert on Twitter Search for Robert on Myspace Robert Myers's Biography Tags: Bb&T Corporation, NC, Commercial Bank, VP-Corporate Security Corporate Manager of Investigations Robert Myers's Job History Join to view all Bb&T Corporation o VP-Corporate Security Corporate Manager of Investigations Robert Myers's Coworkers Join to view all (2,144) Rocky Comer IT Asset Life Cyc... SEVP and Chief Ma... Barbara Duck Senior Executive ... Ron Denny Senior Vice Presi... Chief Financial O... John Williams Blue Ridge Region... Paal Kaperdal Senior Vice Presi... J Coppedge Gulf Coast Region... Chuck Gaskin Sr. Vice Presiden...
Here is the Gulf Coast President guys background in a nutshell. J Coppedge Title and Company: Gulf Coast Regional President at BB&T Corporation Company Address: 200 West 2nd Street (Tell me, does everyone work at the same address? Hell no!) Winston Salem, NC 27101-4019 Join Spoke to learn more information about J Search for J Search for J on Facebook Search for J on Linkedin Search for J on Twitter Search for J on Myspace J Coppedge's Biography TitleEast Florida Regional President RegionEast Florida ExperienceMr. Coppedge has 24 years of banking experience, including 19 years with Wachovia Bank. He joined BB&T in 2004 with the acquisition of Republic Bancshares Inc. of St. Petersburg, Fla. While at Republic Bank, he served as chief operating officer. Date of BirthNovember 12, 1954 BirthplaceCoral Gables, FL EducationBS, Marketing, Auburn UniversityMBA, Finance, University of FloridaAffiliationsFormer Member, Board of Trustees, University of Tampa; Executive Committee Member, Tampa Chamber of Commerce; Board Member, Tampa YMCA; Board Member, Tampa Bay Partnership; Board Member, Past President, Cobb County YMCA Tags: Bb&T Corporation, NC, Commercial Bank, Gulf Coast Regional President
J Coppedge's Job History Join to view all Bb&T Corporation 2006 o East (since 2006) o President (since 2006) o Gulf Coast Regional President J V Arthur Inc 2005 o Regional President, East Florida - Florida (since 2005) Bb & T Shomo & Linedweaver Insurance Services 2005 o East Florida Regional President (since 2005) ??bb o East Florida Regional President Bb & T Corporation o East Florida Regional President J Coppedge's Coworkers Join to view all (2,144) Rocky Comer IT Asset Life Cyc... SEVP and Chief Ma... Barbara Duck Senior Executive ... Ron Denny Senior Vice Presi... Chief Financial O... John Williams Blue Ridge Region... Paal Kaperdal Senior Vice Presi... J Coppedge Gulf Coast Region... Chuck Gaskin Sr. Vice Presiden... Has this info changed?
Learn more about J Coppedge View Background Information on J Coppedge View Social Profiles for J Coppedge powered by 2,144 employees in Bb&T Corporation Join to view
Wake up to the reality of the real world situation and a kid with a keyboard and Internet Access By Michael Isikoff National investigative correspondent NBC News NBC News updated 11/22/2010 5:52:27 AM ET 2010-11-22T10:52:27 WASHINGTON — How did a hacker in Malaysia manage to penetrate a computer network operated by the Federal Reserve Bank of Cleveland? And what was the same accused cybercriminal doing this summer when he allegedly tapped into the secure computers of a large Defense Department contractor that managed systems for military transport movements and other U.S. military operations? Those are among the puzzling questions raised by allegations against Lin Mun Poo, a 32-year-old Malaysia native whose case illustrates the mounting national secrets threats posed by overseas cyber attacks, U.S. law enforcement and intelligence officials tell NBC News. The U.S. government’s case against Poo, who is slated to be arraigned in federal court in Brooklyn on Monday, has so far gotten little attention. But many of the allegations against him seem alarming on their face, according to cybercrime experts. "This is scary stuff," said one U.S. law enforcement official. ( He had what would be called a money bomb; and your firm may have been a targeted firm as well!)
Poo was arrested by Secret Service agents last month shortly after flying into New York's John F. Kennedy airport with a "heavily encrypted" laptop computer containing a "massive quantity of stolen financial account data," including more than 400,000 credit card, debit card and bank account numbers, according to a letter filed by federal prosecutors last week laying out a "factual proffer" of their evidence against Poo. [ Click here to read the prosecutors' letter in PDF format.] (The feds got lucky this time; I would have stayed at home and done it with American Express!) READ THE NEXT PARAGRAPH! He later confessed to federal agents that he had gotten the credit and bank card data by tapping into the computer networks of "several major international banks" and companies, and that he expected to use the data for personal profit, either by selling it or trading it, according to the prosecutors' letter. Poo's court-appointed lawyer did not respond to a request from NBC News for comment. 'Impressive level of criminal activity' But far more disturbing, according to U.S. intelligence officials and computer crime experts, was his penetration of both a Federal Reserve network of 10 computers in Cleveland as well as the secure networks of a "major" Defense Department contractor. According to the prosecutors' letter, the Pentagon contractor, which has not been identified, provides system management for military transport and other "highly-sensitive military operations." "To have the skills to break into highly sensitive systems like that is an impressive level of criminal activity," said Kurt Baumgartner, a senior security researcher for Kaspersky Lab, a computer security firm. While there is much about Poo's alleged activities that remain unexplained — including his purpose in accessing the military contractor's computers — his case underscores the continued vulnerabilities of computer networks that are critical to the country’s national security, U.S. intelligence experts said. "If a guy from Malaysia can get into networks like this, you can imagine what the Chinese and Russians, the people with real capabilities, are able to do," said one former senior U.S. intelligence official, who monitored cyberthreats and asked for anonymity in order to speak candidly. In fact, the penetration of sensitive national security computers by overseas hackers — many of them believed to be state sponsored — is rapidly emerging as one of the country’s most alarming national security threats, officials said. And the threat is not just from foreign governments and for-profit hackers. Officials have also expressed worries that terrorist groups may be capable of the same sorts of sophisticated penetrations. U.S. Undersecretary of Defense Bill Lynn recently disclosed in a Foreign Affairs article that the Pentagon suffered a significant compromise of its classified military computer networks in 2008, when officials discovered that a malicious computer code had been inserted into a U.S. military laptop at a base in the Middle East. ( Click here to read the Foreign Affairs article, registration required.)
The flash drive's code was placed there by a "foreign intelligence agency," Lynn wrote, and quickly spread to the classified network run by the U.S. Central Command. This in turn prompted a Pentagon operation to neutralize the penetration, which was code-named "Buckshot Yankee," according to Lynn’s article. "There was massive concern about that," the former U.S. intelligence official said of the 2008 penetration. "People were freaked out." The foreign intelligence agency was widely believed to be Russia's, the former official said. The country's agents were attempting to "exfiltrate" data from the classified Central Command computers, but Pentagon officials were never able to determine whether they had succeeded in doing so, the official added. That same year, in an incident first reported by Newsweek in November and later amplified in Bob Woodward's recent book, "Obama's Wars," Chinese hackers penetrated the campaign computers of the Barack Obama and John McCain presidential campaigns, prompting the Bush White House to advise both camps to take countermeasures to protect their data. Related article: China web hijacking shows Net at risk As Lynn presented the problem in his article, the penetrations of U.S. military data are growing "exponentially," one of the key reasons the Pentagon recently set up the United States Cyber Command to beef up defenses. "Every day, U.S. military and civilian networks are probed thousands of times and scanned millions of times," Lynn wrote. "Adversaries have acquired thousands of files from U.S. networks and from the networks of U.S. allies and industry partners, including weapons blueprints, operational plans and surveillance data." So far, it is unclear whether Poo’s alleged hacking created any comparable compromise of sensitive U.S. government data. Federal prosecutors allege that he hacked into the Federal Reserve computers in Cleveland by transmitting "malicious" computer codes and commands and that the attack resulted in "thousands of dollars in damages" that affected "10 or more" Federal Reserve computers. But June Gates, a spokeswoman for the Federal Reserve in Cleveland, said the penetration was restricted to a network of "test" computers used for checking out new software and applications and did not contain sensitive Federal Reserve data about banks in the region. She declined, however, to respond to questions about whether Federal Reserve officials were aware of the hacking attack when it occurred in June — or only learned about it last month after Secret Service agents seized Poo’s computer. Troop movements compromised? Pentagon officials said Sunday they were unable to respond immediately to questions about whether Poo's hacking of the contractor's computers had compromised military troop movements. But spokesman Bryan Whitman said in an e-mailed statement to NBC News: "We are keenly aware that our networks are being probed everyday. That's precisely why we have a very robust and layered active defense to protect our networks and preserve our freedom of movement in this domain." Another critical question is whether Poo was working with a larger hacking network and, if so, who may have been a part of it. The indictment against him alleges that he acted "together with others." But the indictment does not identify any co-conspirators. It also does not indicate what Poo expected to do with the data he may have accessed by hacking into the Pentagon contractor computers. [ Click here to read the indictment in PDF format.]
Baumgartner, the computer crime expert, said that so far the information about Poo hacking into military contractor and Federal Reserve computers does not seem to square with the seemingly run-of-the-mill purpose behind his acquisition of stolen credit card and ATM data. He was arrested hours after his arrival at JFK when undercover Secret Service agents observed him allegedly selling stolen credit numbers for $1,000 at a diner in Brooklyn. "It doesn’t add up," Baumgartner said. "This doesn't fit with a profile of somebody from overseas that has infiltrated a defense contractor and the Federal Reserve." So far, almost nothing is known about who Poo really is, what his motivations are, and who his accomplices might be. But Baumgartner said he believes "that there's a lot more to do this story that hasn't come out." This not a drill; this is not Hollywood, this is reality from across the world. This is Sneakers meets the BB&T Challenge! Targeting BB&T offices and infrastructure
BB&T Corp Company Description BB&T Corporation is a financial holding company. The Company conducts its business operations mainly through its commercial bank subsidiary, Branch Banking and Trust Company 'Branch Bank', which has offices in North Carolina, South Carolina, Virginia, Maryland, Georgia, West Virginia, Tennessee, Ken... BB&T Corporation is a financial holding company. The Company conducts its business operations mainly through its commercial bank subsidiary, Branch Banking and Trust Company 'Branch Bank', which has offices in North Carolina, South Carolina, Virginia, Maryland, Georgia, West Virginia, Tennessee, Kentucky, Alabama, Florida, Indiana and Washington, D.C. In addition, the Company's operations consist of a federally chartered thrift institution, BB&T Financial, FSB and several nonbank subsidiaries, which offer financial services products. Substantially all of the loans by the Company's subsidiaries are to businesses and individuals in these market areas. On December 12, 2008, the Company announced the acquisition of all the deposits of Haven Trust Bank 'Haven Trust' of Duluth, Georgia through an agreement with the FDIC. During 2008, BB&T acquired eleven insurance businesses and one nonbank financial services company. Branch Bank provides a range of banking services to individuals and businesses and offers a variety of loans to businesses and consumers. Such loans are made mainly to individuals residing in the market areas described above or to businesses located within The Company's geographic footprint. Branch Bank also markets a range of deposit services to individuals and businesses. Branch Bank offers, either directly, or through its subsidiaries, lease financing to businesses and municipal governments; factoring; discount brokerage services, annuities and mutual funds; life insurance, property and casualty insurance, health insurance and commercial general liability insurance on an agency basis and through a wholesale insurance brokerage operation; insurance premium financing; permanent financing arrangements for commercial real estate; loan servicing for third-party investors; direct consumer finance loans to individuals; and trust services. The direct nonbank subsidiaries of the Company provide a variety of financial services including automobile lending, equipment financing, full-service securities brokerage, payroll processing, asset management and capital markets services. The Company's banking operations are locally oriented and community-based. The subsidiaries of the Company compete actively with national, regional and local financial services providers, including banks, thrifts, securities dealers, mortgage bankers, finance companies and insurance companies. The Company's main market area consists of North and South Carolina, Virginia, Maryland, Georgia, eastern Tennessee, West Virginia, Kentucky, Florida and Washington, D.C. It is regulated under federal and state banking laws and regulations. Officers and Executives» Name Compensation Officer Since Title Kelly S. King 1.97M 1996
CEO/CEO, Subsidiary/Chairman of the Board/Chairman of the Board, Subsidiary/Director/President Daryl N. Bible 652,082 2009 CFO/Senior Executive VP Cynthia B. Powell - 2009 Chief Accounting Officer/Controller/Senior VP Clarke R. Starnes,III - 2000 Chief Credit Officer/Chief Risk Officer/Senior Executive VP Christopher L. Henson 877,048 2005 COO Or some of you new hires: New Hires and Recent Promotions at BB&T Scott Taylor, CPA Vice President, LOB Strategic Finance was Vice President, Financial Reporting and Analysis 4 months ago
Erica Cassidy Executive Search Consultant/AVP was Employment Consultant IV/AVP - Executive Search 2 months ago Lori Pierce, CCSA Audit Project Leader, AVP was Senior Internal Auditor, AVP 3 months ago Bill Lehmann VP / Business Services Officer was Regional Special Assets Officer / VP 4 months ago Tom McFarland IT Business Services Manager was PMO Director Then we have this tidbit to nibble on: POLITICAL COMMITTEE DISCLOSURE REPORT Export data to .CSV COVER Committee Name Committee Type SBoE ID Report Type Period Covered BRANCH BANK AND TRUST NORTH CAROLINA PAC 150 SOUTH STRATFORD ROAD SUITE 401 WINSTON SALEM, NC Political Action Committee 7100001 2001 Mid Year Semi-Annual From: 01/01/2001 To: 06/30/2001 Filed: 07/27/2001
27104 OFFICERS Type Name Address Treasurer SCOTT NULL 150 SOUTH STRATFORD ROAD, WINSTON SALEM, NC, 27104 ACCOUNTS Name Type Address Purpose Begin Balance End Balance NC ACCOUNT - BRANCH BANKING & TRUST COMPANY Bank Account P. O. BOX 1290, WINSTON SALEM, NC 27102-1290 SUMMARY Total this Period Total this Election Cash on Hand at Beginning $101,203.39 $101,203.39 RECEIPTS Individuals other than Political Committees: Itemized $403.20 $403.20 Individuals other than Political Committees: Unitemized $13,219.18 $13,219.18 Individuals other than Political Committees: Total $13,622.38 $13,622.38 Political Party Committees $0.00 $0.00 Other Political Committees (such as PACs) $0.00 $0.00 Total Contributions $13,622.38 $13,622.38 Loan Proceeds $0.00 $0.00 Refunds/Reimbursements To the Committee $250.00 $250.00 Interest on Bank Accounts $0.00 $0.00 Total Receipts $13,872.38 $13,872.38 EXPENDITURES Operating Expenditures $13,000.00 $13,000.00 Contributions to Candidates/Political Committees $14,000.00 $14,000.00 Coordinated Party Expenditures $0.00 $0.00 Loan Repayments $0.00 $0.00 Total Expenditures $27,000.00 $27,000.00 Cash on Hand at End of Reporting Period $88,075.77 $88,075.77 ADDITIONAL INFORMATION Debts and Obligations owed BY the Committee $0.00 Debts and Obligations owed TO the Committee $0.00 RECEIPTS First Prev 1 of 1 Next Last Date Is Prio r Name of Contributor and Complete Mailing Receipt Type Purpos e Descriptio n Accou nt Code Form of Payme nt Amount of Receipt Sum To Date
Address 06/30/200 1 Aggregated Individual Contribution Individual Contribution $13219.1 8 $13219.1 8 01/09/200 1 ELAINE MARSHALL FOR SENATE 1000 KEITH HILLS DR LILLINGTO N, NC 27546 Refund/Reimbursm ent to the Committee $250.00 $250.00 01/30/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD WINSTON SALEM, NC 27104 Individual Contribution $17.20 $17.20 02/27/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD WINSTON SALEM, NC 27104 Individual Contribution $17.20 $34.40 03/29/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD Individual Contribution $17.20 $51.60
WINSTON SALEM, NC 27104 04/27/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD WINSTON SALEM, NC 27104 Individual Contribution $17.20 $68.80 05/30/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD WINSTON SALEM, NC 27104 Individual Contribution $17.20 $86.00 06/28/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD WINSTON SALEM, NC 27104 Individual Contribution $17.20 $103.20 01/30/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN Individual Contribution $25.00 $25.00
CLEMMONS, NC 27012 02/27/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN CLEMMONS, NC 27012 Individual Contribution $25.00 $50.00 03/29/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN CLEMMONS, NC 27012 Individual Contribution $25.00 $75.00 04/27/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN CLEMMONS, NC 27012 Individual Contribution $25.00 $100.00 05/30/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN CLEMMONS, NC 27012 Individual Contribution $25.00 $125.00 06/28/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN CLEMMONS, NC 27012 Individual Contribution $25.00 $150.00
01/30/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC 27104 Individual Contribution $25.00 $25.00 02/27/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC 27104 Individual Contribution $25.00 $50.00 03/29/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC 27104 Individual Contribution $25.00 $75.00 04/27/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC Individual Contribution $25.00 $100.00
27104 05/30/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC 27104 Individual Contribution $25.00 $125.00 06/28/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC 27104 Individual Contribution $25.00 $150.00 Total ALL Receipts: $13,872.3 8 First Prev 1 of 1 Next Last EXPENDITURES First Prev 1 of 1 Next Last Date Name of Payee and Complete Mailing Address Expenditu re Type Purpose In-Kind Descriptio n Accoun t Code Form of Payme nt Amount of Expenditu re Sum to Date 01/09/200 1 GNOSSOS SOFTWARE 1625 K ST NW/STE 1250 WASHINGTON , DC 20006 Operating Expense SOFTWARE PURCHASE $8000.00 $8000.00 04/22/200 1 GNOSSOS SOFTWARE 1625 K ST NW/STE 1250 WASHINGTON , DC 20006 Operating Expense SOFTWARE PURCHASE $4000.00 $12000.0 0
05/15/200 1 GREATER RALEIGH CHAMBER OF COMMERCE PO BOX 2978 RALEIGH, NC 27602 Operating Expense SPONSORING LEGISLATIVE RECEPTIONIS T $1000.00 $1000.00 06/26/200 1 NC BANKERS ASSN PAC PO BOX 19999 RALEIGH, NC 27619-1999 Contributio n to Candidate or Political Committee CONTRIBUTIO N $2500.00 $2500.00 03/22/200 1 NC FORUM FOR RES & ECON ED PAC 5 W HARGETT ST STE 1110 RALEIGH, NC 27601 Contributio n to Candidate or Political Committee CONTRIBUTIO N $10000.00 $10000.0 0 05/30/200 1 THE JUSTICE COMM PO BOX 2277 RALEIGH, NC 27602 Contributio n to Candidate or Political Committee CONTRIBUTIO N $500.00 $500.00 05/30/200 1 TYSON FOR COURT COMM 410 RAMSEY ST STE 100 FAYETTEVILL E, NC 28301- 4910 Contributio n to Candidate or Political Committee CONTRIBUTIO N $1000.00 $1000.00 Total ALL Expenditures: $27,0 The great democratic process at work? Or is it a blueprint for disaster? If I have a basis to work with when it comes to address of the main players in the company, then I have the keys to the kingdom.
This is just a small synopsis of the 3 Hour Tour of the web exposure of and to your firm. Not included were telephone network maps, information network superstructure or carries or technologies. But what was not included is a full investigation of general information of BB&T corporate structure or investigation of the backgrounds of employees. It is with such basic information to cajole, blackmail, force, kidnap, add subterfuge to the mixture or any other aspect of possible criminal activities; or the ability to infiltrate YOUR NETWORKS AND SECURITY without detection or discovery until it is too late. The thought is to provide you with a workable, possible, logical and cost effective program for both yourselves and then pass such knowledge onto the clients. Thank you for your time today reading this exposé’s. Ian A. Murphy
Rescued BB&T document 4

Recommended

Business 2 Students: AI & de impact op de juridische wereld.
Business 2 Students: AI & de impact op de juridische wereld. Business 2 Students: AI & de impact op de juridische wereld.
Business 2 Students: AI & de impact op de juridische wereld. Matthias Dobbelaere-Welvaert
 
The High Price Of Faking Your Pci Compliance Status
The High Price Of Faking Your Pci Compliance StatusThe High Price Of Faking Your Pci Compliance Status
The High Price Of Faking Your Pci Compliance StatusGlobalDataLock.com
 
Lathrop & Gage Legal Pitfalls Presentation
Lathrop & Gage Legal Pitfalls PresentationLathrop & Gage Legal Pitfalls Presentation
Lathrop & Gage Legal Pitfalls PresentationSocial Media Club of Kansas City
 
The Trust Paradox
The Trust ParadoxThe Trust Paradox
The Trust ParadoxCognizant
 
The New Prospecting Frontier
The New Prospecting FrontierThe New Prospecting Frontier
The New Prospecting FrontierPeggy Santmyer
 
Communique issued at the End of 2011 Ekiti State Education Summit
Communique issued at the End of 2011 Ekiti State Education SummitCommunique issued at the End of 2011 Ekiti State Education Summit
Communique issued at the End of 2011 Ekiti State Education SummitGovernment of Ekiti State, Nigeria
 
Summer Infant Appoints Ronald T. Cardone as Senior Vice President, Informatio...
Summer Infant Appoints Ronald T. Cardone as Senior Vice President, Informatio...Summer Infant Appoints Ronald T. Cardone as Senior Vice President, Informatio...
Summer Infant Appoints Ronald T. Cardone as Senior Vice President, Informatio...internetmarketingoutsourcing59
 
Cyber
Cyber Cyber
Cyber Alberto Peñaranda Echevarría
 

Recommended

Business 2 Students: AI & de impact op de juridische wereld.
Business 2 Students: AI & de impact op de juridische wereld. Business 2 Students: AI & de impact op de juridische wereld.
Business 2 Students: AI & de impact op de juridische wereld. Matthias Dobbelaere-Welvaert
 
The High Price Of Faking Your Pci Compliance Status
The High Price Of Faking Your Pci Compliance StatusThe High Price Of Faking Your Pci Compliance Status
The High Price Of Faking Your Pci Compliance StatusGlobalDataLock.com
 
Lathrop & Gage Legal Pitfalls Presentation
Lathrop & Gage Legal Pitfalls PresentationLathrop & Gage Legal Pitfalls Presentation
Lathrop & Gage Legal Pitfalls PresentationSocial Media Club of Kansas City
 
The Trust Paradox
The Trust ParadoxThe Trust Paradox
The Trust ParadoxCognizant
 
The New Prospecting Frontier
The New Prospecting FrontierThe New Prospecting Frontier
The New Prospecting FrontierPeggy Santmyer
 
Communique issued at the End of 2011 Ekiti State Education Summit
Communique issued at the End of 2011 Ekiti State Education SummitCommunique issued at the End of 2011 Ekiti State Education Summit
Communique issued at the End of 2011 Ekiti State Education SummitGovernment of Ekiti State, Nigeria
 
Summer Infant Appoints Ronald T. Cardone as Senior Vice President, Informatio...
Summer Infant Appoints Ronald T. Cardone as Senior Vice President, Informatio...Summer Infant Appoints Ronald T. Cardone as Senior Vice President, Informatio...
Summer Infant Appoints Ronald T. Cardone as Senior Vice President, Informatio...internetmarketingoutsourcing59
 
Cyber
Cyber Cyber
Cyber Alberto Peñaranda Echevarría
 
2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper FinalLarry Taylor Ph.D.
 
Cyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowCyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowSandra Fathi
 
B crisis
B crisisB crisis
B crisisJose Patrick
 
Digital Espionage and Business Intelligence
Digital Espionage and Business IntelligenceDigital Espionage and Business Intelligence
Digital Espionage and Business IntelligenceRoopak K Prajapat
 
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditCyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditNationalUnderwriter
 
BSA Regulations
BSA RegulationsBSA Regulations
BSA RegulationsBrianna Johnson
 
The Future of Cybersecurity
The Future of CybersecurityThe Future of Cybersecurity
The Future of CybersecurityTheWiltonBainGroup
 
Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...
Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...
Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...Withum
 
Aftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
Aftab Hasan Speaking at Cyber Security in Banking Conference - DubaiAftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
Aftab Hasan Speaking at Cyber Security in Banking Conference - DubaiAftab Hasan
 
Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...
Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...
Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...Financial Poise
 
Cyber Risk for Construction Industry
Cyber Risk for Construction Industry Cyber Risk for Construction Industry
Cyber Risk for Construction Industry BrianHuntMSFCPACRISC
 
The Unseen Enemy - Protecting the Brand, the Assets and the Customers
The Unseen Enemy - Protecting the Brand, the Assets and the Customers The Unseen Enemy - Protecting the Brand, the Assets and the Customers
The Unseen Enemy - Protecting the Brand, the Assets and the Customers BDO_Consulting
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Compliancy Group
 
News letter feb 11
News letter feb 11News letter feb 11
News letter feb 11captsbtyagi
 
The RISE of 2015 - Changes in the Digital Landscape
The RISE of 2015 - Changes in the Digital LandscapeThe RISE of 2015 - Changes in the Digital Landscape
The RISE of 2015 - Changes in the Digital LandscapeJustice Mitchell
 
Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...
Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...
Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...Financial Poise
 
GPDR_Get-Data-Protection-Right
GPDR_Get-Data-Protection-RightGPDR_Get-Data-Protection-Right
GPDR_Get-Data-Protection-RightJames '​-- Mckinlay
 
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Citrin Cooperman
 
Jim Barton
Jim BartonJim Barton
Jim BartonSusan Cox
 
No byod policy? Time to grasp the nettle
No byod policy? Time to grasp the nettleNo byod policy? Time to grasp the nettle
No byod policy? Time to grasp the nettleLogicalis
 

More Related Content

Similar to Rescued BB&T document 4

2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper FinalLarry Taylor Ph.D.
 
Cyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowCyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowSandra Fathi
 
Digital Espionage and Business Intelligence
Digital Espionage and Business IntelligenceDigital Espionage and Business Intelligence
Digital Espionage and Business IntelligenceRoopak K Prajapat
 
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditCyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditNationalUnderwriter
 
Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...
Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...
Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...Withum
 
Aftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
Aftab Hasan Speaking at Cyber Security in Banking Conference - DubaiAftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
Aftab Hasan Speaking at Cyber Security in Banking Conference - DubaiAftab Hasan
 
Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...
Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...
Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...Financial Poise
 
Cyber Risk for Construction Industry
Cyber Risk for Construction Industry Cyber Risk for Construction Industry
Cyber Risk for Construction Industry BrianHuntMSFCPACRISC
 
The Unseen Enemy - Protecting the Brand, the Assets and the Customers
The Unseen Enemy - Protecting the Brand, the Assets and the Customers The Unseen Enemy - Protecting the Brand, the Assets and the Customers
The Unseen Enemy - Protecting the Brand, the Assets and the Customers BDO_Consulting
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Compliancy Group
 
News letter feb 11
News letter feb 11News letter feb 11
News letter feb 11captsbtyagi
 
The RISE of 2015 - Changes in the Digital Landscape
The RISE of 2015 - Changes in the Digital LandscapeThe RISE of 2015 - Changes in the Digital Landscape
The RISE of 2015 - Changes in the Digital LandscapeJustice Mitchell
 
Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...
Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...
Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...Financial Poise
 
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Citrin Cooperman
 
No byod policy? Time to grasp the nettle
No byod policy? Time to grasp the nettleNo byod policy? Time to grasp the nettle
No byod policy? Time to grasp the nettleLogicalis
 

Similar to Rescued BB&T document 4 (20)

2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final
 
Cyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to KnowCyber Security 101: What Your Agency Needs to Know
Cyber Security 101: What Your Agency Needs to Know
 
B crisis
B crisisB crisis
B crisis
 
Digital Espionage and Business Intelligence
Digital Espionage and Business IntelligenceDigital Espionage and Business Intelligence
Digital Espionage and Business Intelligence
 
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an AuditCyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
Cyber Security and Insurance Coverage Protection: The Perfect Time for an Audit
 
BSA Regulations
BSA RegulationsBSA Regulations
BSA Regulations
 
The Future of Cybersecurity
The Future of CybersecurityThe Future of Cybersecurity
The Future of Cybersecurity
 
Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...
Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...
Think You’re Covered? Think Again: Cybersecurity, Data Privacy, and Cyber Ins...
 
Aftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
Aftab Hasan Speaking at Cyber Security in Banking Conference - DubaiAftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
Aftab Hasan Speaking at Cyber Security in Banking Conference - Dubai
 
Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...
Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...
Data Breach Response: Before and After the Breach (Series: Cybersecurity & Da...
 
Cyber Risk for Construction Industry
Cyber Risk for Construction Industry Cyber Risk for Construction Industry
Cyber Risk for Construction Industry
 
The Unseen Enemy - Protecting the Brand, the Assets and the Customers
The Unseen Enemy - Protecting the Brand, the Assets and the Customers The Unseen Enemy - Protecting the Brand, the Assets and the Customers
The Unseen Enemy - Protecting the Brand, the Assets and the Customers
 
Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...Where security and privacy meet partnering tips for CSOs and privacy/complian...
Where security and privacy meet partnering tips for CSOs and privacy/complian...
 
News letter feb 11
News letter feb 11News letter feb 11
News letter feb 11
 
The RISE of 2015 - Changes in the Digital Landscape
The RISE of 2015 - Changes in the Digital LandscapeThe RISE of 2015 - Changes in the Digital Landscape
The RISE of 2015 - Changes in the Digital Landscape
 
Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...
Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...
Leveraging & Protecting Trade Secrets in the 21st Century (Series: INTELLECTU...
 
GPDR_Get-Data-Protection-Right
GPDR_Get-Data-Protection-RightGPDR_Get-Data-Protection-Right
GPDR_Get-Data-Protection-Right
 
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
Cybersecurity Disrupters and Cybersecurity Insurance in the COVID-19 Era – Is...
 
Jim Barton
Jim BartonJim Barton
Jim Barton
 
No byod policy? Time to grasp the nettle
No byod policy? Time to grasp the nettleNo byod policy? Time to grasp the nettle
No byod policy? Time to grasp the nettle
 

Rescued BB&T document 4

  • 1. Branch Banking and Trust Technical Security and Information Security Consultation Proposal Prepared by Ian A. Murphy, IAM / Secure Data Systems
  • 2. Let us begin with a little bit of humor even though we are talking of a fiscally corporate deadly situation; and think back to the theme song of Gilligan's Island. As the song goes, they were out on the three hour tour. When the tiny ship was tossed; but it was not for the fearless crew the Minnow would be lost, the Minnow would be lost. The ship struck ground on this desert isle with Gilligan, the Skipper too, the Millionaire and his Wife, the Movie Star and Marianne and the Professor here on Gilligan's Island! Or does BB&T consider itself like the movie Forbidden Planet; safe as the IT security personnel and the corporate security VP think that they are safe from invasion?
  • 3. Or is it more like War of the Worlds? or Or The Hacker World and Criminal Enterprises and Others versus the Good Guys. Now what does this mean to Branch Banking and Trust? What it means is that a simple sojourn into the pile of the Internet has provided a basic wealth of information and of the corporate exposure to the Internet work purposes that could be used to exploit your weaknesses that are yet to be known by you, but could be exploited by persons with nefarious and unsavory intentions. The aspect that so many landed on Gilligan’s Island and left without taking them along to be rescued is one thing; or is it to be ―Forbidden Planet where Morpheus and Robby the Robot take control and the Krell are now back in charge after the crew of the rescue ship Versarius were told not to land. This all seems strange to you right now; but the avenues that we are traversing right now are ones that can be both fun and exciting and most of all educational to the corporate multi-state environments and cultures as demonstrated by the inclusive information; or dangerous and lethal to the corporate structure. Now it is said that the best way to introduce yourself to a company or to a potential clients is through networking. That is how this project began. The initial idea was to both ensure that the Corp.; and then it;s high net worth clients along with its high net worth Corp. Clients were made aware of various information, telecommunications, technical surveillance and countermeasures, physical security, and overall total security from any exposure to both the outside world and also to educate to the internal world of BB&T.
  • 4. While this is not a hilarious situation. It is very well possible that this three-hour tour of the Internet seeking out information about BB&T has been an eye-opening experience and something that can be used to gather and garner new clients and also provide internal concerns being addressed and also from behind high net worth clients and behind high net worth Corp. clients; a possibility of bringing about an educational capability that they never thought of; but the vast potential of expanding the business footprint of BB&T corporation through the subtle use of Humor, Education, quantified and qualified education, the constant reiteration of the Ethical Standards of BB&T and other aspects of these ideas; are to promote BB&T to be as the advertising states: Best bank In Town This is War Games! In addition, this is the game called Global Thermo- Nuclear Warfare and you are a target rich environment. It is of this nature that we present these ideas and basic information that was gleaned from the Internet on this Gilligan’s three-hour tour but found War of the Worlds and Forbidden Planet to be the reality of the situation. The simple fact that BB&T is the desert island and open to exposure through the Internet, along with its clients and its own internal structures is one that should not be taken lightly. The simple fact comes down to that a person or persons in any nation, state, or criminal enterprise has the opportunity to go ahead and exploit some of the vulnerabilities that have been found in this basic three- hour tour. With a much deeper examination and without spending any money, we were able to go ahead and find a number of pieces of information of this jigsaw puzzle that gives us a basic overview of the Corp. and its senior staff along with some of the general staff that have worked for the company and could be brought about to reveal secrets and trade infringements which could put the company in jeopardy.
  • 5. Now, why would we undertake such a potential examination of BB&T in the first place? Well, the first reason is due to the fact that we are a potential high net worth client and have brought a number of other accounts to the corporation itself through our personal contact, which we are very grateful to have and have found that there intuition and inspiration along with my personal education to this person has been one of an eye-opening experience. BB&T has a long history of being a conservative banking institution, as it is well-known and then outlines in this document. To repeat, what is already in this document concerning the history of BB&T is a useless waste of time. But the interesting fact is that the simple gathering of information about BB&T and its operations, and the potential of its operations being disrupted, or possibly compromised in a situation that will or could be both publicly embarrassing as most corporations will not reveal that they have had their systems compromised; and will only do it on a quiet basis to their affected customers and clients offers a unique ability to go ahead and overrule such capabilities before they occur. Please think back to the T.J. Maxx incident of 10 million debit and credit cards numbers being stolen.
  • 6. Now as Gilligan; without much knowledge of your basic operation in general; I was able to gather up a number of interesting pieces of the puzzle of BB&T. But with a concerted effort authorized by BB&T; a technical surveillance and countermeasures program would be put in place along with information warfare and security program and a basic educational program for all employees to recognize the threats that come from the outside and internal workings of BB&T Corp., it basically comes down to this one simple point; that the exposure of BB&T, or any other corporation strictly is dependent upon the ability of the corporate entity to realize that it has weaknesses are being exposed on the World Wide Web in a multitude of fashion and fashions due to such actions as MySpace or Facebook, or any other social networking site, Wi-Fi, also conference attendance without proper ethical and legal and information warfare instructions and training to know when the fact that so-called aspects such as social engineering or business intelligence is being conducted without their knowledge for the benefit of the competitors for their clients. In simple terms, were are technicians, not politicians. WE report our findings and it is up to you to make the call to insure your business integrity or not. In reference to the high net worth clients and high net worth corporations who are also clients; the ability to offer a technical security team at of course, a premium to the client gives them both peace of mind and the ability to contact a corporate security officer, who would then coordinate a specified response to the clients needs. This can also be accomplished due to the fact that there is an insurance division of BB&T and would be considered an additional insurance policy provided to the client at a small premium due to the fact that most clients will not have the need to have such specialized electronic and physical security evaluations on a continual basis. Of course, there are those clients that need special handling that will require a prerequisite of physical, electronic, electromechanical and over all technical surveillance and countermeasures capabilities available at the ready upon the client’s request. That type of particular clients is one that is required by the company and wishes to be capped by the company as a client and this type of service is one that gives the client peace of mind.
  • 7. The same way that BB&T has a corporate security officer in charge of investigations who is a vice president and that BB&T also has a disaster recovery program in place for its information systems; but does BB&T have an over all security program in place and operational for the requirements of the needs of the corporation at the time of the need to Corp?
  • 8. During this sojourn of a three-hour tour of the Internet in basic research of BB&T Corp. were able to find the chairman of the board's home address, the political action committee, a number of employees, both past and present, the recent new employees and their positions and titles, their addresses of their homes, which gives us the capability to find out even more about them and to possibly use them for nefarious purposes. If that was our goal. But since our goal is to act as a protective shield for BB&T Corp., and to allow us the capabilities of both sweeping particularly sensitive areas and allowing the director of corporate security to place his input in along with our input as a total team commitment offers up a security overall protective force field . An overall, bubble that should be put in place immediately. Information is power, knowledge is power and the Internet provides so much power into the hands of the potential adversary to the Corp. or to the potential competitor for both clients, corporate information, high net worth abilities and clients, and over all business intelligence is one that should be considered by BB&T to be unacceptable, and not insurmountable.
  • 9. Now, while the aspect of an specialized outside team coming in with fresh objectified eyes and offering its expertise and mindset from a standpoint that is much different than the current security operations of BB&T, or any other former or current client organization has always been one that has been a delicate dance that offers up the chance to step on some toes at times, and anchored dues paying for results that are not advantageous to the current corporate security posture. In this aspect; our goal is not to go ahead and produce an untenable situation where the BB&T security operations are left open to compromise and to conflict, but to enhance the security operations through new ideas and unique capabilities that are currently not in the BB&T security operations theater.
  • 10. Just why would such efforts to discover BB&T’s Background and weakness? With just a few short hours of research, we were able to come up with a small sample of your total exposure to your corporation which makes it vulnerable to compromise and breeches. A person seeking to do damage or other nefarious deeds could dig deeper with more time and a systematic plan of attack on your networks. A concentrated penetration attack upon your infrastructure includes, physical, electronic and electro-mechanical . One type of Attack would be with ZeuS or SpyEye as simple examples of you possibility of attack without your knowledge. Here is a small example of just some of the outlets of ZeuS: 1. “Kneber” = Zeus | Symantec Connect Feb 18, 2010... being reported as a new type of computer virus known as ―Kneber.‖ In reality Kneber is simply a pseudonym for the Zeus Trojan/botnet. ... www.symantec.com/connect/blogs/kneber-zeus - Cached - Similar ► 2. New trojan virus Zeus v3 empties online bank accounts | Mail Online Aug 11, 2010 ... The latest attack involved a Trojan called Zeus v3 which hides inside adverts on legitimate websites. Once installed on a home computer, ... www.dailymail.co.uk/.../New-trojan-virus-Zeus-v3-empties-online-bank-accounts.html 3. Computer Virus Attacks Cobb County Woman - News Story - WSB Atlanta He actually tracked the origin of the Zeus virus to a hacker in Russia. The program sits on your computer until you sign on to a financial ... www.wsbtv.com/news/19022761/detail.html - Cached - Similar 4. Computer Virus: Zeus Virus: Becoming more powerful Apr 22, 2010 ... Zeus virus comes of revision 1.6 with the capability of attacking Firefox and Internet Explorer. A truth that gives a chance for the Google ... creatingcomputervirus.blogspot.com/.../zeus-virus-becoming-more-powerful.html - Cached 5. New Study Finds Computer Virus 'Zeus Bot' in Internet Postcards ... Jul 25, 2009 ... A computer forensics study reveals that phony Internet postcards presently hitting users' inboxes contain a PC virus called Zeus Bot. www.spamfighter.com/News-12877-New-Study-Finds-Computer-Virus-Zeus-Bot-in-Internet- Postcards.htm - Cached - Similar 6. Zeus Virus Malware – Most Software Cannot Detect This Trojan zeus virus malware Zeus is a financial malware. It infects consumer PCs, waits for them to log ... The safety of your computer is within your own hands. ... thepcsecurity.com › News - Cached - Similar
  • 11. 7. Computer Virus Zeus V3 Hits Large UK Financial Institution And ... Aug 11, 2010 ... Thousands of online banking customers have had their accounts drained by a sophisticated new computer virus, internet security experts say. news.sky.com/.../Computer-Virus-Zeus.../201008215681025 - United Kingdom 8. U.S. Makes Arrests in “Zeus” Computer Fraud Oct 1, 2010 ... By Jane Jamison Let this story on the Zeus Trojan serve as your ... Tagged as: bank fraud, computer, phishing, trojan, virus, worm, Zeus ... www.uncoverage.net/.../u-s-makes-arrests-in-zeus-computer-fraud/ - Cached 9. Two held over ZeuS trojan virus that steals personal data ... Nov 18, 2009 ... Computer hacker The Zeus or Zbot virus can steal users' bank details, passwords, credit card numbers and other information. ... www.guardian.co.uk/technology/.../zeus-zbot-trojan-virus - Cached - Similar 10.Hackers Use Zeus v3 Virus to Target Bank Accounts Aug 15, 2010 ... Zeus v3 Trojan Virus Malicious hackers are targeting people in the UK with a dangerous computer virus called Zeus v3 to wipe out bank ... www.wpsecuritylock.com/beware-hackers-use-zeus-v3-virus-to-target-bank-accounts/ - Cached Well to answer the question; it is very simple. The ideas presented are for both the corporation and for it’s corporate clients and to also provide security consultation to high net worth clients and the general public customer. If you are selling Quicken to everyone, why not sell security as well as part of the package too? The various stages of security consultation for the company are to include Technical Surveillance and Counter- Measures, Information Systems Security (you just got hit with a virus a few months ago if memory serves me correctly) and to provide a service that no other banking institution could offer with the various insurance and other service besides banking to customers, employees, clients and others who would require and could be provided as a service for a fee to the clients through the Corporate Security Division. If the banking side of the house and the insurance side of the house were to combine in a manner that offers such services as a piece of mind service to the customers, the exponential value in Goodwill and customer loyalty grows each and every day with them knowing that their assets are protected to the very best security science can offer. From the Technical security & counter-measures side inclusive of all computer systems, employee awareness and other aspects of Information Warfare counter-measures to the protection of vital and needed corporate data and programs secure. Currently you offer Quicken as part of a service that comes with the customer experience territory. A very nice offering indeed. No other banking institution that we know out there wants to serve the customer with such unique service and offerings. But along with the Quicken service, maybe the thought of providing to the general customer something that we have not seen in any other banking concern. The possibility of making aware the average customer of Information Security and their banking needs and your services.
  • 12. This can be done as a networking type of event with an after business hours event to allow those who are concerned with their own security for banking purposes; or their business concern’s in addition a chance to meet and greet other clients who wish to network their own business and maybe share their horror stories of Information Security and a chance for all attendee’s to learn and share both business stories, information horror stories, provide a number of vendors of security service such as the team presented to you in this very basic proposal and the chance for them to interact with the clients and to also provide the Banking side of the house the chance to join in a lively open discussion with the clients as to their needs both banking and of their own security concerns. . This following web page comes from your web site and should be more prominent in it accessibility. While we applaud the effort and the sincerity of such a web page, it was only discovered by a web search of BB&T Information Security policies and procedures. So no one really reads it : Protecting Your Internet Activities and Electronic Data With more of our financial activities occurring over the Internet, it is important to be aware of risks these activities entail and steps you can take to reduce the risk that someone will illegally gain access to your private information or financial accounts. Common Internet scams Auction fraud - This may take many forms including emails saying you have a second chance to buy an auction item, non-delivery of an item purchased in an auction, defective merchandise or receiving cheaper merchandise. Advance payment frauds - Emails asking for help in getting money out of a country or advising you that you won a lottery lead to requests for money to cover legal fees, taxes, bribes, processing costs and taxes. Phishing - Emails notifying you that an institution or store need confirmation of account information lead to a fake (or spoofed) website that looks legitimate but is just a place to disclose personal information to fraudsters. BB&T will never ask you for confidential information through email or pop- up windows. Hot stock promotions - Emails, online newsletters and bulletin boards may be nothing more than a scam artist's attempt to have you drive up the price of a stock so they can sell their shares. This is often used with cheap and thinly traded stocks. Protecting your online activities Be careful using public computers. Using a computer at a cyber café or a free computer at a trade show can be dangerous. The computer may be programmed to capture user names and passwords. If you use this type of computer, make sure no one is looking over your shoulder to memorize your personal data and be sure to sign off when you are done.
  • 13. If you are using the Internet for financial transactions, be sure the sites you visit are secure. Most secure sites have URLs that start with "https://" instead of the normal "http://." Some websites may display a logo indicating it is secure, but make sure you know the site is one you trust. Wireless Internet networks have become common and convenient. Some are secure and some are not. Be careful using wireless networks that are free and not secure. Wireless home networks deserve attention as well. It may be time consuming or more expensive to have a secure network at home, but that is better than having a fraudster sitting in a car on your street monitoring your activities and gaining access to your files and information. It is important to install anti-virus software on your computer and keep it up to date. The safe holds true for firewalls and security patches for your operating system. Passwords Many websites you visit require a user name and password. Having a strong password will make your online activities safer. Unfortunately, many passwords are chosen to be easily remembered rather than to protect the user. Some common passwords that hackers could easily guess are password, user name, your real name, your address, 123456, abcdef, or just a number. With just a four- digit number, there are only 9,999 combinations and a sophisticated hacker could probably figure that out in seconds. Strong passwords are at least six characters long and preferably eight. They should contain a mixture of upper and lower case letters, numbers and special characters (#, $, ^, &,!,?, {, >, etc.). They should not be based on personal information and not be based on words found in a dictionary. The difficulty of long and mixed passwords is that they can be hard to remember. One suggestion is to create a password from a sentence that you are likely to remember. For example, start with the sentence "My children John and Mary are 12 and 16 years old." Then use the first letters of the words, characters and the numbers to create the "McJ&Ma12&16yo" password. Changing passwords often and using different ones at different websites also increases protection. Keep any written record of your passwords in a safe location. Disposing of CDs and diskettes The best way is to physically destroy the CD. Shred it if you have a shredder that can handle it without difficulties. Otherwise, you can break the CD into pieces. Be careful and wrap the CD in a paper towel to avoid shattered plastic. Diskettes can be formatted to remove the data if you plan to reuse them. Otherwise, it is a good idea to break them into pieces or shred them.
  • 14. Disposing of a PC hard drive With the ways you use your PC and financial software you may use, think of the highly sensitive information that is stored on your hard drive. It may have tax returns, investment records, financial account information, and other personal data. It may also have records of your user names and passwords used at dozens or hundreds of websites. This is information that must be removed before disposing of an old PC. Unfortunately, it is extremely difficult to completely erase that data from your hard drive. Deleting files and even formatting your hard drive does not completely remove the data. With the right tools, a skilled technician could reconstruct your data. There are some software products that claim to overwrite an entire hard drive and make it impossible to recover the data. A better, easier and cheaper solution is to remove the hard drive and physically destroy it. If you are considering disposing of, donating or recycling a PC, protect yourself and your data by removing and destroying the hard drive. Protect Your Identity Review what BB&T does to help protect your identity. The statement of the above is very true and most enlightening indeed for the average user; but then come some meat on the bone to bring home the facts of reality about the corporation: Here is an example of the BB&T Computer and Utility suppliers BB&T Computer Network TOWER ASSOCIATES, INC. Owners & Operators of the BB&T Building Leasing - Brokerage - Property Management - Development 1 West Pack Square, Suite 1701 Asheville, NC 28801- 3481 Phone: (828) 210- 8155 "A Recognized Asheville Landmark"
  • 15. PROFESSIONAL SERVICES In addition to owning and operating one of Asheville’s largest multi-tenant office buildings, Tower Associates has numerous relationships to offer a variety of professional real estate services including leasing, brokerage, development, relocation coordination, construction services, and advanced technology services. With many years experience, Tower Associates can consult with investors to research, locate, and develop investment opportunities. Services are also available through Tower Associates to work with out-of-area brokers to find the right location to satisfy tenants’ needs. Tower Associates has partnered with strategic technology and energy leaders to provide tenants the most advanced services. These partners include AT&T, Charter Communications, Progress Energy, and PSNC (Public Service Natural Gas Company of North Carolina). The BB&T Building boasts 3 fiber optics feeds providing extraordinary telecommunication capabilities. Specific association with TAIS Web, an advanced computer technology company located within the BB&T Building, enables on-site voice telecommunication, phone devices, voice mail, computer networking, network wiring, computer repair, broadband Internet access, and web design services. I would like to thank you for the keys to the front door as it may very well be.
  • 16. Exposure points found just on the 3 Hour Tour This is one of your guys out there on the net advertising his past with BB&T. This is a policy that must be changed and enforced to insure the corporation’s security integrity is not placed in jeopardy. Desktop Support Specialist BB&T John Shrum Active Directory (AD) Systems Administrator (SA), General Dynamics Information Technology (GDIT), NASE, CONUS-TNOSC. Tucson, Arizona Area Contact John Shrum Add John Shrum to your network Current Active Directory Systems Administrator at General Dynamics Information Technology Past Desktop Support Specialist at BB&T Infrastructure Specialist at Digital Persistence Refresh Specialist at Dell Computers John Shrum’s Summary John Shrum 5138 Camino Del Norte Sierra Vista, AZ 85635 205-369-0124 (Public Company; BBT; Financial Services industry) January 2010 — June 2010 (6 months) Increased efficiency for BB&T Bank end users and profits by successfully performing project related installations for 26 branches within the scope of the project per contract agreement between BB&T, DCI (Digital Communications, Inc.) and TekSystems/Allegis
  • 17. Performs installation and setup of Network Cabinets, Routers, Switches, Servers, PC's and Accessory Device Network Cabinet installs consist of locating the proper T-1 Circuit and DSL backup circuit Properly connecting and dressing the cabling, plugging the whiptails into the switch Punching down the crossovers cabling Verifying the UPS and server are up and operating normally Consoling into the router to verify proper configuration of the router PC installs consist of performing configuration and updates to PC's placing the fresh monitors to be used with the legacy PC's until second stage is performed Placing fresh PC's in proximity of the legacy PC's with appropriate peripherals' including MICRs, Validators and Check scanning devices Final stage consists of placing fresh equipment in operation, removing legacy equipment Performing data migration insuring data is not compromised Directing users log on and mentoring them through user specific configuration Recording and reporting inventory for fresh and legacy equipment So now, I have a decent way of understanding your infrastructure and see your guts from a new perspective. In another words; Gottcha! More on the company BB&T Bank Building Tower in Atlanta $150 million tower to be anchored by banking firm KEVIN DUFFY; STAFFTHE ATLANTA JOURNAL-CONSTITUTION Updated: 02-6-2009 12:30 pm The metro area's fourth-largest bank will anchor a new $150 million office tower at the massive Midtown development Atlantic Station. The 25-story skyscraper, under construction at 271 17th St., will be Atlantic Station's third office building and its tallest. Construction is expected to be finished in spring 2009. BB&T Bank, headquartered in Winston-Salem, N.C., signed a 15-year lease on 80,000 square feet and will move its Atlanta headquarters to the site. The bank spent 18 months looking at more than 40 existing and proposed projects before deciding on Atlantic Station, said Lars Anderson, president of BB&T's Georgia operations. "This move will help us bring employees from across our financial services spectrum to 17th Street," Anderson said. BB&T's 200 Atlanta employees are scattered among three buildings in Buckhead. BB&T will open a branch in the lobby of the new building and occupy floors eight, nine and 10 initially. The tower will give BB&T an opportunity to make a much bigger statement in Atlanta. The company plans to display 19-foot illuminated letters on all four sides of the structure, Anderson said.
  • 18. Some examples of your employees that have shared their employment with others on the net! 26 Employees of BB&T Bank Renee Pierce 28 yrs, luna777 Purcellville, VA Bb&t Bank Banker Luck Stone Loudoun Valley High ... Click to learn more about PeekScore Alisa Spiker 33 yrs, spike1531 Culloden, WV Bb&t Bank Bookkeeper Accounts Payable Clerk Clay Center For The Arts & Sciences Wv ... Click to learn more about PeekScore Jennifer M. Irvin 29 yrs, jennirvin Mechanicsville, MD | Piney Point, MD | Madison, NC Schoenbauer Furniture Service Reeves Insurance Agency Bb& T Bank ... Click to learn more about PeekScore
  • 19. Kayla Parker 19 yrs, maylakay_06 Ringgold, GA Bb&t Bank Northwest Whitfield County High School Dalton State College music ... Click to learn more about PeekScore Mary A. Lorza 28 yrs, mary_lorza Pooler, GA | Savannah, GA Suntrust Bb&t Bank Relationship Banker Financial Service Rep. ... Click to learn more about PeekScore Jessica Keehn 24 yrs, jessk72485 Newburgh, IN Bb&t Bank Teller Unemployed At The Moment University Of Louisville ... Click to learn more about PeekScore Lisa Martin 25 yrs, lisamartin55 Demorest, GA | Gainesville, GA Bb&t Bank Bank Teller Click to learn more about PeekScore
  • 20. Antonio Daure, antoniodaure Stone Mountain, GA Bb&t Bank Senior Teller Relationship Banker accounting banking ... Click to learn more about PeekScore Jamie Taylor 27 yrs, juicyjamielove82 Berryville, VA Work Bb&t Bank Bank Teller tv ... Click to learn more about PeekScore Michael Runyon 22 yrs, runyon88 Charlottesville, VA Bb&t Bank Teller Mountain Valley Corp. William Monroe High ... Click to learn more about PeekScore Mary Grubbs 62 yrs, mary1670 Woodstock, VA Bb&t Bank Robber Central High School family ... Click to learn more about PeekScore
  • 21. Jessica L. Raper 28 yrs, tigerjesslynn Mableton, GA | Cleveland, TN Bb&t Bank Bradley High School reading bowling ... Click to learn more about PeekScore Grace Mcewen 24 yrs, grace24124 Harrisonburg, VA Wal-mart Journeys Bb&t Bank Teller ... Click to learn more about PeekScore Charlotte Murphy 45 yrs, craftygirl1965 Tucker, GA Banking Bb & T Bank Sangrias Mexican Cafe Lakeside High School ... Click to learn more about PeekScore Lisa Pue 27 yrs, misslisapisa Suisun City, CA Best Buy Bank Of America International Bank Of Commerce Bb&t Bank ...
  • 22. Colin Pone’s More IT employees on the net Current IT Risk Management - Project Manager at BB&T Past Information Security Officer at Greystone Bank Divisional Senior IT Manager at The Cheesecake Factory IT Manager at The Cheesecake Factory 4 more... Education ECPI Technical College Nash Community College Recommendations 3 recommendations Connections 22 connections Industry Information Technology and Services Colin Pone’s Experience IT Risk Management - Project Manager BB&T (Public Company; BBT; Financial Services industry) June 2010 — Present (6 months) Audit/Regulatory Liaison. Work directly with the FDIC, NCCOB, OTS and other regulatory examiners for all IT examinations. Manage internal audit findings and work with LOBs to mitigate risks. Serve as Process Action Team member to reduce Information Security risks and provide training to management as appropriate. Compile, review and provide external auditors and regulatory examiners with requested documentation.
  • 23. Information Security Officer Greystone Bank (Banking industry) June 2009 — July 2010 (1 year 2 months) * Business Continuity / Disaster Recovery Planning/Testing * Regulatory Examinations as CTO (FDIC, NCCOB) * PCI Compliance Management * User Access Process Control / Auditing * Information Security Program/Policy Management * Incident Response Plan Management * Business Intelligence Report Creation * LAN/WAN Integration * Virtual Environment Process Control Divisional Senior IT Manager The Cheesecake Factory (Public Company; CAKE; Restaurants industry) February 2008 — March 2009 (1 year 2 months) • PCI Compliance Management • SOX 404 Compliance and internal process auditing • Manage Information Technology for the manufacturing division of The Cheesecake Factory which consisted of 22 Servers, 300+ users, two manufacturing plants and a corporate office facility while reporting to the Senior Executive Vice President of Operations and Corporate CIO. • Devise and Manage divisional capital IT budget exceeding $900,000 for 2008 and exceeding $600,000 in 2007. • Manage all Ross ERP decisions, updates, upgrades and module implementations including but not limited to WMS, Maintenance Management, MES, Requisitioning, Supply Chain etc. using SDLC • Constructed and managed eCommerce Distribution department responsible for packaging and distributing all online cheesecake orders to customers. Department consisted of 4 permanent and 60 temporary employees. • Analyze all divisional business processes, devise plans for technical process improvements and determine the areas of impact for Information Technology. • Analyze all business processes and determine the areas of impact for Information Technology.
  • 24. IT Manager The Cheesecake Factory (Public Company; CAKE; Restaurants industry) February 2006 — February 2008 (2 years 1 month) • Setup all IT functions at new manufacturing facility including but not limited to network layout, wireless infrastructure, server installation, phone system configuration, desktop purchase and installation, IT policies and procedures, etc. • Manage all ERP module implementations such as WMS, Maintenance, MES, Purchasing, etc. • Manage the creation of all Business Objects reports exporting data from Ross for KPI reporting, Outstanding PO’s, Ship Orders, Maintenance Work Orders, Requisitions, etc. • Manage IT related capital projects in excess of $500,000 in 2006 and report to Vice President of IT at our corporate headquarters in Los Angeles, CA. • Monitor and maintain 4 file servers, 2 Soleris Micro Lab servers, 2 Intellex Security Camera servers, 2 SQL Servers, 1 Backup Domain Controller, 1 Backup/Print server, a 2003 Exchange server and 12 additional servers that serve as disaster recovery for corporate. • Setup and implemented Avaya Partner Phone Messaging system, created mainline menus, directory listings, submenus, department and user mailboxes and our Inclement Weather/Emergency Hotline. • Create Microsoft Access databases for departments as needed such as the PQG Process Control Database for Quality Assurance and the Key Production Indicators Database for manufacturing to enter, modify and report on daily production data. • Implemented Neogen Soleris LIMS for Quality Assurance and configured remote network connectivity software to view test results remotely through our VPN. • Manage and maintained Production Data Integration System that retrieves data from each piece of equipment in manufacturing by connecting to PLCs, cameras, photo eyes, various sensors and data entry screens in production. • Implemented digital video security server system. Installed 4 INTELLEX servers in the MDF and 48 security cameras throughout the interior and exterior of the facility.
  • 25. IT Project Manager / Network Administrator Wachovia (Public Company; WB; Banking industry) February 2004 — February 2006 (2 years 1 month) • Manage projects that affect all of the users at the Greenville, NC and Winston Salem, NC locations and delegate specific parts of the project to supporting technicians. • Present project proposals to Senior Management and provide weekly project status updates. • Hold regular meetings with consultants, offsite personnel and senior management to align decision making, ensure proper support and prepare for disaster recovery. • Support network infrastructure, connectivity and assist in 10 bit to 100 bit local network upgrade. • Design technical project layouts and delegate specific parts of projects to project teams. • Manage Lotus Notes software upgrade from R5 to R6 and find resolution for all issues associated. • Support Inova Lightlink reader boards, applications and associated servers. • Troubleshoot and support Windows NT/2000/XP workstations, 2000/2003 servers and network issues. • Remotely support out-of-state users utilizing NetOP remote control and Terminal Services. • Responsible for testing applications in Test environment prior to Production deployment. • Inform helpdesk management of common issues and provide detailed instructions for resolution to later be uploaded to our knowledgebase. Network Administrator Purdue Pharma (Privately Held; Pharmaceuticals industry) February 2003 — February 2004 (1 year 1 month) • Manage technical projects such as Exchange 2000 migration from 5.5 with Active Directory integration. • Support SAP ERP modules, implementations and end users in manufacturing. • Created a multi-subnet environment to separate the manufacturing and office networks for FDA Part 11 compliance. • Create, modify and maintain user/group accounts and support all voice and data operations. • Manage and support a Windows NT/2000 environment utilizing Active Directory, Terminals Services, Server Manager, User Manager and Norton Ghost. • Accountable for server backup procedures, execution, SOP revisions and offsite storage. • Support all Microsoft software applications as well as SAP ERP module implementations, LIMS, POMS and Millennium software. • Image desktop workstations and servers using Norton Ghost - Ghostcast. • Setup and install servers, switches, blades, tapes drives and various other types of hardware. • Setup digital phones lines, extensions, categories, etc. through the Meridian phone system.
  • 26. Subject Matter Expert - Desktop/Server Support Electronic Data Systems - EDS (Information Technology and Services industry) May 2001 — February 2003 (1 year 10 months) • Supervise Windows Server and Desktop support team • Set schedules based on call volume analytics • Monitor agents for compliance and quality assurance management • Support user issues on a Tier 3 level as needed • Coordinate and train agents on newly supported products/applications and maintain training materials. • Assisted in the design and maintenance of USPS Knowledgebase website used to guide agents through support issues/FAQs Image Processing Analyst II BB&T (Public Company; BBT; Financial Services industry) March 1999 — May 2001 (2 years 3 months) • Maintain files and statement data on Unix servers as administrator • Migrate statement data from RAID to OPTICAL Jukebox platters monthly post statement printing • Review and image fraud checks as needed and made system updates as appropriate • Managed Image Library software for commercial customers and ensured all check images were properly imaged on CDs for customer distribution Colin Pone’s Education ECPI Technical College BS , Information Technology , 2000 — 2001 Graduated with Honors with a 3.8 GPA Nash Community College College Transfer , Computer Science
  • 27. Colin Pone’s Contact Settings Interested In: career opportunities consulting offers new ventures expertise requests reference requests getting back in touch This one is a killer as well IT Project Manager Post Job For Free Country: United States State: North Carolina City: Charlotte ZIP: 28226 Posted date: 10/27/2010 Posted by: Name is not set. Email: dhartu@r.postjobfree.com Contact Info: ******@********.**.*** Show Contact Info (premium) Send Message (free) Map Data - Terms of Use Resume Text: Contact job seekers directly. PostJobFree Premium Membership is only $20/month. STACY R MEHLMAN 4808 Waterford Knoll Drive Charlotte, NC 28226 (704) 519 – 9301 EDUCATION • New York Institute of Technology Degree: Bachelor of Arts/Communications Technical Classes: • Novel 3.12 4.11 • Microsoft Administrating Windows NT 4.0 • Microsoft Windows NT 4.0 Core Technology • Telecom: Centigram PBX APPLICATIONS AND SYSTEMS KNOWLEDGE EXPERIENCE OS and Application Support: Windows XP, Windows 2000, MS Office 2007, MS Outlook 2003 , Office Pro 2003, 2000 & Pro, Lotus Notes 7.0, Explorer 6.0, 7.0, 8.0, Adobe Reader 7.0, 8.0, Adobe Acrobat Standard, Adobe Acrobat Professional Hardware Support: Blackberry - Verizon 8830 (Curve), Verizon 9630 (Tour), IPHONE, HP Monitors and PC’s (Lenovo T400 laptops, IBM ThinkPads, Logistic Webcam Pro 9000,
  • 28. KNOWLEDGE Aspect Winset for Windows, WebXtender, Communiqué web conferencing, AS400, Peregrine system (Service Center, Get Answers), Oasis Softphone, Emerald Mainframe, Go To Assist, SMS Systems Management Server 1.2, 2.0 (SMS), SMS Remote, SCCM Remote Control, Avaya Messaging, Microsoft Active Sync, DTS Synchronizer SYS Point PE, Mana PE Disk, MS System Center Configuration manager 2007, HP Service Manager, Lotus Sametime 8.0.2, BlackBerry Enterprise Server Management, Blackberry Application Loader, Blackberry Device Manager. Verizon VZAccess Manager, Java PROJECT PROFILES AND EMPLOYMENT HISTORY Premier Mutual Fund Company: Charlotte, North Carolina Desktop Support Services – June 2009 – Present August 31,2010 • Support companywide internal users at multiple locations and facilities • Technical support of the desktop hardware and software computing environment. • Serves as the interface to the Support Center and other IT groups for issues that must be elevated beyond the Desktop Support Services organization • Coordinates desktop hardware and software acquisitions and upgrades • Deploy, set-up PCs, Laptops, and Printers • Provides computer hardware move coordination and support • Provide desktop support for the installation, configuration, and ongoing usability of desktop computers, peripheral equipment, software, Break Fix and Service requests • Resolve desktop support requests and inquiries in a timely manner • Maintain an inventory of IT assets and perform updates to the IT asset management database • Specializing in Blackberry support- Trouble shooting hand held issues swiping, enterprise activation, synch issues, adding/deleting components, password changes, connectivity problems, Blue Tooth setup, upgrade Blackberry OS • Worked with BES Management, BAM Notes services • In addition, as the Desktop Support Specialist, I participate in special projects and perform other duties as assigned BB&T: Charlotte, North Carolina Migration Technical Support Specialist Oct 2008 - Dec 2008 • Onsite Deposit Migration Team support • Converted external corporate customers from their current desktop application to a new web-based version used to initiate the application • Scheduled migration and training session with clients • Initiated the removal and installation of new supporting software application and drivers for the scanner device for the web-based version • Trained users on the new application • Used Web conferencing • Used Access database to track client information • Assisted web-based clients with questions and issues with the implementation of the authentication security questions • Reset passwords, security questions, and resolved lock outs • Advised on how to add / delete users • Assisted in editing user setup
  • 29. • Provided instructional and technical support, as well as customer service to external customers utilizing BB&T’s onsite deposit application • Provided product knowledge • Analyzed / resolved customer issues • Answered questions and resolved problems while exceeding required time frame expectations Wachovia Bank: Charlotte, North Carolina Technical Helpdesk Analyst April 2007 – August 2008 Wachovia Technical Consultant • Single Sign On Training / Migration Project support • Provided instructional and technical support, as well as customer service to both internal and external customers • Utilized Wachovia Treasury Services Application • Recorded and tracked each customer interaction in Call Tracking and Problem Solution database • Reviewed, analyzed and evaluated business systems and user needs as they related to Wachovia Treasury Services • Converted 130k external corporate customers from their current URL to a new URL landing page used to initiate all online applications • Provided instruction and guidance to customers so they could manage through the URL migration process • Created new logon ID's, passwords and bookmarks in support of the migration • Installed digital certificates, setup security questions and multifactor devices • • Assisted with Internet explorer issues such as: Script errors, options, browser and HTTP settings, connection issues, activeX controls, tool bars, security, trusted sites and printing issues • Assisted with customer inquiries on accounts, balance and transaction information, and user id validation/deletions. • Analyzed / Resolved User Problems on current system • Resolved problems while exceeding required time frame expectations • Reset passwords, logon violations, and lock outs • Advised on how to add users / delete users, • Assisted with setting the user access functions • Identified / tested/ reset/ and unlocked tokens • Processed customer request modifications (CRM) • Added / deleted accounts • Removed profiles • Added function and provided access • Worked closely with Tier II support to expedite and resolve customer issues American Technical Ceramics: Huntington Station, New York Account Representative / Sales March 2003 - February 2007 • Sales Department working with Buyers. Purchasers, Engineers • Customer Service • Provided product knowledge, process quote requests, and process purchase orders, set up new accounts for Customers, process credit references, resale certificates, client contact information
  • 30. • Analyzed / resolved customer issues • Expedited orders to meet customer's needs, furnished invoices and proof of delivery for invoice payment • Tracked customer orders and resolved late, missing, and partial shipments • RMA's - Processed return material requests and provided support to customer • RO's - Processed replacement material orders and provided pricing and delivery information • Worked with accounts payable for credit line increases, resolve over credit limit and billing issues • Internet orders • Processed & updated online orders, setup customer authorizations, resolved & analyzed issues pertaining to Credit card problems, incomplete data on orders, order tracking and back orders Verizon / Bell Atlantic / RH Donnelley: New York City and Long Island, NY System Analyst/ Field Support Sept 1998 - July 2001 • Desktop Support of 900 users at 3 locations using Windows NT and MAC OS 8, OS 9 • Analyzed / Resolved end User Problems • Help Desk support • Used Expert Advisor 3.5 to log & track issues • Provided solutions to problems while exceeding required time frame expectations • Helped maintain function for all users PC's in multiple departments • Assisted off site users with SMS Administrator • Assisted Telecom Department in analyzing problems • Setup data jacks, changed phones and setup Voice Mail Boxes • Completed upgrades / installations • Applied upgrades to software, patches, and fixes from vendor when necessary • Installed & removed user software applications • Helped with migration of email service from Outlook98 to Lotus Notes • Created User Workstations Environments and Network Printers • Used Ghosting to perform this task • Setup user profiles, Protocols, Domains • Installed Drivers for network, printer, audio, video, display, and modems • Purchasing Supplies / Vendor contacts o Contacted manufacturers or Vendors for hardware replacement, purchase and/or product returns o Kept up to date inventory checklist of all equipment including • Laptops, Desktops, printers, accessories o Cleaned out logs of all old equipment, old end-users and maintained all equipment asset information through SMS • User Training o One on one training of software applications • Hardware o Setup user stations and Network Printers o Resolved functional problems First Card NBD: Uniondale, N.Y LAN Administrator Asst. / Desktop Support April 1997 - September 1998
  • 31. • Desktop Support of 3000 users using Windows 3.1 and Windows 95 • Analyzed / Resolved end User Problems • Call in Center support • Used MS Access to log & track issues • Provided support and taught application usage • Performed PC Upgrades and relocations • Used NWAdmin 4.1 to maintain LAN information for users, servers, printers and software • Used ArcServe to control daily backups of all servers, restoring of files • Network Conversion support • Helped with the construction of server units, printers configurations (SYMS and LAN Cards) • WIN 95 Roll Out support • Upgraded PC's, installing software applications, new images when needed • Resolved user problems through NetWare 4.11 NDS System and at users workstations • Supported conversion from Token ring to Ethernet • Responsible for rewiring the LAN connections to the new hub, data jakes, and PCs • Performed installations of new NIC cards The only thing that this employee forgot to add is if she was married, had kids or just Party Animal on her resume! BOB Meyers in for as your information security chief. So let me guess; a former fed of one type or the other, a high-ranking ex-cop, maybe military cop and officer or all of the above. Congratulations, you brought on-board a hound dog that can sniff out a crime AFTER the fact, not before it occurs due to a possible lack of understanding of the ever changing world of technology. Robert Myers Title and Company: VP-Corporate Security Corporate Manager of Investigations at Bb&T Corporation Company Address: 200 West 2nd Street Winston Salem, NC 27101-4019 Join Spoke to learn more information about Robert
  • 32. Search for Robert Search for Robert on Facebook Search for Robert on Linkedin Search for Robert on Twitter Search for Robert on Myspace Robert Myers's Biography Tags: Bb&T Corporation, NC, Commercial Bank, VP-Corporate Security Corporate Manager of Investigations Robert Myers's Job History Join to view all Bb&T Corporation o VP-Corporate Security Corporate Manager of Investigations Robert Myers's Coworkers Join to view all (2,144) Rocky Comer IT Asset Life Cyc... SEVP and Chief Ma... Barbara Duck Senior Executive ... Ron Denny Senior Vice Presi... Chief Financial O... John Williams Blue Ridge Region... Paal Kaperdal Senior Vice Presi... J Coppedge Gulf Coast Region... Chuck Gaskin Sr. Vice Presiden...
  • 33. Here is the Gulf Coast President guys background in a nutshell. J Coppedge Title and Company: Gulf Coast Regional President at BB&T Corporation Company Address: 200 West 2nd Street (Tell me, does everyone work at the same address? Hell no!) Winston Salem, NC 27101-4019 Join Spoke to learn more information about J Search for J Search for J on Facebook Search for J on Linkedin Search for J on Twitter Search for J on Myspace J Coppedge's Biography TitleEast Florida Regional President RegionEast Florida ExperienceMr. Coppedge has 24 years of banking experience, including 19 years with Wachovia Bank. He joined BB&T in 2004 with the acquisition of Republic Bancshares Inc. of St. Petersburg, Fla. While at Republic Bank, he served as chief operating officer. Date of BirthNovember 12, 1954 BirthplaceCoral Gables, FL EducationBS, Marketing, Auburn UniversityMBA, Finance, University of FloridaAffiliationsFormer Member, Board of Trustees, University of Tampa; Executive Committee Member, Tampa Chamber of Commerce; Board Member, Tampa YMCA; Board Member, Tampa Bay Partnership; Board Member, Past President, Cobb County YMCA Tags: Bb&T Corporation, NC, Commercial Bank, Gulf Coast Regional President
  • 34. J Coppedge's Job History Join to view all Bb&T Corporation 2006 o East (since 2006) o President (since 2006) o Gulf Coast Regional President J V Arthur Inc 2005 o Regional President, East Florida - Florida (since 2005) Bb & T Shomo & Linedweaver Insurance Services 2005 o East Florida Regional President (since 2005) ??bb o East Florida Regional President Bb & T Corporation o East Florida Regional President J Coppedge's Coworkers Join to view all (2,144) Rocky Comer IT Asset Life Cyc... SEVP and Chief Ma... Barbara Duck Senior Executive ... Ron Denny Senior Vice Presi... Chief Financial O... John Williams Blue Ridge Region... Paal Kaperdal Senior Vice Presi... J Coppedge Gulf Coast Region... Chuck Gaskin Sr. Vice Presiden... Has this info changed?
  • 35. Learn more about J Coppedge View Background Information on J Coppedge View Social Profiles for J Coppedge powered by 2,144 employees in Bb&T Corporation Join to view
  • 36.
  • 37. Wake up to the reality of the real world situation and a kid with a keyboard and Internet Access By Michael Isikoff National investigative correspondent NBC News NBC News updated 11/22/2010 5:52:27 AM ET 2010-11-22T10:52:27 WASHINGTON — How did a hacker in Malaysia manage to penetrate a computer network operated by the Federal Reserve Bank of Cleveland? And what was the same accused cybercriminal doing this summer when he allegedly tapped into the secure computers of a large Defense Department contractor that managed systems for military transport movements and other U.S. military operations? Those are among the puzzling questions raised by allegations against Lin Mun Poo, a 32-year-old Malaysia native whose case illustrates the mounting national secrets threats posed by overseas cyber attacks, U.S. law enforcement and intelligence officials tell NBC News. The U.S. government’s case against Poo, who is slated to be arraigned in federal court in Brooklyn on Monday, has so far gotten little attention. But many of the allegations against him seem alarming on their face, according to cybercrime experts. "This is scary stuff," said one U.S. law enforcement official. ( He had what would be called a money bomb; and your firm may have been a targeted firm as well!)
  • 38. Poo was arrested by Secret Service agents last month shortly after flying into New York's John F. Kennedy airport with a "heavily encrypted" laptop computer containing a "massive quantity of stolen financial account data," including more than 400,000 credit card, debit card and bank account numbers, according to a letter filed by federal prosecutors last week laying out a "factual proffer" of their evidence against Poo. [ Click here to read the prosecutors' letter in PDF format.] (The feds got lucky this time; I would have stayed at home and done it with American Express!) READ THE NEXT PARAGRAPH! He later confessed to federal agents that he had gotten the credit and bank card data by tapping into the computer networks of "several major international banks" and companies, and that he expected to use the data for personal profit, either by selling it or trading it, according to the prosecutors' letter. Poo's court-appointed lawyer did not respond to a request from NBC News for comment. 'Impressive level of criminal activity' But far more disturbing, according to U.S. intelligence officials and computer crime experts, was his penetration of both a Federal Reserve network of 10 computers in Cleveland as well as the secure networks of a "major" Defense Department contractor. According to the prosecutors' letter, the Pentagon contractor, which has not been identified, provides system management for military transport and other "highly-sensitive military operations." "To have the skills to break into highly sensitive systems like that is an impressive level of criminal activity," said Kurt Baumgartner, a senior security researcher for Kaspersky Lab, a computer security firm. While there is much about Poo's alleged activities that remain unexplained — including his purpose in accessing the military contractor's computers — his case underscores the continued vulnerabilities of computer networks that are critical to the country’s national security, U.S. intelligence experts said. "If a guy from Malaysia can get into networks like this, you can imagine what the Chinese and Russians, the people with real capabilities, are able to do," said one former senior U.S. intelligence official, who monitored cyberthreats and asked for anonymity in order to speak candidly. In fact, the penetration of sensitive national security computers by overseas hackers — many of them believed to be state sponsored — is rapidly emerging as one of the country’s most alarming national security threats, officials said. And the threat is not just from foreign governments and for-profit hackers. Officials have also expressed worries that terrorist groups may be capable of the same sorts of sophisticated penetrations. U.S. Undersecretary of Defense Bill Lynn recently disclosed in a Foreign Affairs article that the Pentagon suffered a significant compromise of its classified military computer networks in 2008, when officials discovered that a malicious computer code had been inserted into a U.S. military laptop at a base in the Middle East. ( Click here to read the Foreign Affairs article, registration required.)
  • 39. The flash drive's code was placed there by a "foreign intelligence agency," Lynn wrote, and quickly spread to the classified network run by the U.S. Central Command. This in turn prompted a Pentagon operation to neutralize the penetration, which was code-named "Buckshot Yankee," according to Lynn’s article. "There was massive concern about that," the former U.S. intelligence official said of the 2008 penetration. "People were freaked out." The foreign intelligence agency was widely believed to be Russia's, the former official said. The country's agents were attempting to "exfiltrate" data from the classified Central Command computers, but Pentagon officials were never able to determine whether they had succeeded in doing so, the official added. That same year, in an incident first reported by Newsweek in November and later amplified in Bob Woodward's recent book, "Obama's Wars," Chinese hackers penetrated the campaign computers of the Barack Obama and John McCain presidential campaigns, prompting the Bush White House to advise both camps to take countermeasures to protect their data. Related article: China web hijacking shows Net at risk As Lynn presented the problem in his article, the penetrations of U.S. military data are growing "exponentially," one of the key reasons the Pentagon recently set up the United States Cyber Command to beef up defenses. "Every day, U.S. military and civilian networks are probed thousands of times and scanned millions of times," Lynn wrote. "Adversaries have acquired thousands of files from U.S. networks and from the networks of U.S. allies and industry partners, including weapons blueprints, operational plans and surveillance data." So far, it is unclear whether Poo’s alleged hacking created any comparable compromise of sensitive U.S. government data. Federal prosecutors allege that he hacked into the Federal Reserve computers in Cleveland by transmitting "malicious" computer codes and commands and that the attack resulted in "thousands of dollars in damages" that affected "10 or more" Federal Reserve computers. But June Gates, a spokeswoman for the Federal Reserve in Cleveland, said the penetration was restricted to a network of "test" computers used for checking out new software and applications and did not contain sensitive Federal Reserve data about banks in the region. She declined, however, to respond to questions about whether Federal Reserve officials were aware of the hacking attack when it occurred in June — or only learned about it last month after Secret Service agents seized Poo’s computer. Troop movements compromised? Pentagon officials said Sunday they were unable to respond immediately to questions about whether Poo's hacking of the contractor's computers had compromised military troop movements. But spokesman Bryan Whitman said in an e-mailed statement to NBC News: "We are keenly aware that our networks are being probed everyday. That's precisely why we have a very robust and layered active defense to protect our networks and preserve our freedom of movement in this domain." Another critical question is whether Poo was working with a larger hacking network and, if so, who may have been a part of it. The indictment against him alleges that he acted "together with others." But the indictment does not identify any co-conspirators. It also does not indicate what Poo expected to do with the data he may have accessed by hacking into the Pentagon contractor computers. [ Click here to read the indictment in PDF format.]
  • 40. Baumgartner, the computer crime expert, said that so far the information about Poo hacking into military contractor and Federal Reserve computers does not seem to square with the seemingly run-of-the-mill purpose behind his acquisition of stolen credit card and ATM data. He was arrested hours after his arrival at JFK when undercover Secret Service agents observed him allegedly selling stolen credit numbers for $1,000 at a diner in Brooklyn. "It doesn’t add up," Baumgartner said. "This doesn't fit with a profile of somebody from overseas that has infiltrated a defense contractor and the Federal Reserve." So far, almost nothing is known about who Poo really is, what his motivations are, and who his accomplices might be. But Baumgartner said he believes "that there's a lot more to do this story that hasn't come out." This not a drill; this is not Hollywood, this is reality from across the world. This is Sneakers meets the BB&T Challenge! Targeting BB&T offices and infrastructure
  • 41. BB&T Corp Company Description BB&T Corporation is a financial holding company. The Company conducts its business operations mainly through its commercial bank subsidiary, Branch Banking and Trust Company 'Branch Bank', which has offices in North Carolina, South Carolina, Virginia, Maryland, Georgia, West Virginia, Tennessee, Ken... BB&T Corporation is a financial holding company. The Company conducts its business operations mainly through its commercial bank subsidiary, Branch Banking and Trust Company 'Branch Bank', which has offices in North Carolina, South Carolina, Virginia, Maryland, Georgia, West Virginia, Tennessee, Kentucky, Alabama, Florida, Indiana and Washington, D.C. In addition, the Company's operations consist of a federally chartered thrift institution, BB&T Financial, FSB and several nonbank subsidiaries, which offer financial services products. Substantially all of the loans by the Company's subsidiaries are to businesses and individuals in these market areas. On December 12, 2008, the Company announced the acquisition of all the deposits of Haven Trust Bank 'Haven Trust' of Duluth, Georgia through an agreement with the FDIC. During 2008, BB&T acquired eleven insurance businesses and one nonbank financial services company. Branch Bank provides a range of banking services to individuals and businesses and offers a variety of loans to businesses and consumers. Such loans are made mainly to individuals residing in the market areas described above or to businesses located within The Company's geographic footprint. Branch Bank also markets a range of deposit services to individuals and businesses. Branch Bank offers, either directly, or through its subsidiaries, lease financing to businesses and municipal governments; factoring; discount brokerage services, annuities and mutual funds; life insurance, property and casualty insurance, health insurance and commercial general liability insurance on an agency basis and through a wholesale insurance brokerage operation; insurance premium financing; permanent financing arrangements for commercial real estate; loan servicing for third-party investors; direct consumer finance loans to individuals; and trust services. The direct nonbank subsidiaries of the Company provide a variety of financial services including automobile lending, equipment financing, full-service securities brokerage, payroll processing, asset management and capital markets services. The Company's banking operations are locally oriented and community-based. The subsidiaries of the Company compete actively with national, regional and local financial services providers, including banks, thrifts, securities dealers, mortgage bankers, finance companies and insurance companies. The Company's main market area consists of North and South Carolina, Virginia, Maryland, Georgia, eastern Tennessee, West Virginia, Kentucky, Florida and Washington, D.C. It is regulated under federal and state banking laws and regulations. Officers and Executives» Name Compensation Officer Since Title Kelly S. King 1.97M 1996
  • 42. CEO/CEO, Subsidiary/Chairman of the Board/Chairman of the Board, Subsidiary/Director/President Daryl N. Bible 652,082 2009 CFO/Senior Executive VP Cynthia B. Powell - 2009 Chief Accounting Officer/Controller/Senior VP Clarke R. Starnes,III - 2000 Chief Credit Officer/Chief Risk Officer/Senior Executive VP Christopher L. Henson 877,048 2005 COO Or some of you new hires: New Hires and Recent Promotions at BB&T Scott Taylor, CPA Vice President, LOB Strategic Finance was Vice President, Financial Reporting and Analysis 4 months ago
  • 43. Erica Cassidy Executive Search Consultant/AVP was Employment Consultant IV/AVP - Executive Search 2 months ago Lori Pierce, CCSA Audit Project Leader, AVP was Senior Internal Auditor, AVP 3 months ago Bill Lehmann VP / Business Services Officer was Regional Special Assets Officer / VP 4 months ago Tom McFarland IT Business Services Manager was PMO Director Then we have this tidbit to nibble on: POLITICAL COMMITTEE DISCLOSURE REPORT Export data to .CSV COVER Committee Name Committee Type SBoE ID Report Type Period Covered BRANCH BANK AND TRUST NORTH CAROLINA PAC 150 SOUTH STRATFORD ROAD SUITE 401 WINSTON SALEM, NC Political Action Committee 7100001 2001 Mid Year Semi-Annual From: 01/01/2001 To: 06/30/2001 Filed: 07/27/2001
  • 44. 27104 OFFICERS Type Name Address Treasurer SCOTT NULL 150 SOUTH STRATFORD ROAD, WINSTON SALEM, NC, 27104 ACCOUNTS Name Type Address Purpose Begin Balance End Balance NC ACCOUNT - BRANCH BANKING & TRUST COMPANY Bank Account P. O. BOX 1290, WINSTON SALEM, NC 27102-1290 SUMMARY Total this Period Total this Election Cash on Hand at Beginning $101,203.39 $101,203.39 RECEIPTS Individuals other than Political Committees: Itemized $403.20 $403.20 Individuals other than Political Committees: Unitemized $13,219.18 $13,219.18 Individuals other than Political Committees: Total $13,622.38 $13,622.38 Political Party Committees $0.00 $0.00 Other Political Committees (such as PACs) $0.00 $0.00 Total Contributions $13,622.38 $13,622.38 Loan Proceeds $0.00 $0.00 Refunds/Reimbursements To the Committee $250.00 $250.00 Interest on Bank Accounts $0.00 $0.00 Total Receipts $13,872.38 $13,872.38 EXPENDITURES Operating Expenditures $13,000.00 $13,000.00 Contributions to Candidates/Political Committees $14,000.00 $14,000.00 Coordinated Party Expenditures $0.00 $0.00 Loan Repayments $0.00 $0.00 Total Expenditures $27,000.00 $27,000.00 Cash on Hand at End of Reporting Period $88,075.77 $88,075.77 ADDITIONAL INFORMATION Debts and Obligations owed BY the Committee $0.00 Debts and Obligations owed TO the Committee $0.00 RECEIPTS First Prev 1 of 1 Next Last Date Is Prio r Name of Contributor and Complete Mailing Receipt Type Purpos e Descriptio n Accou nt Code Form of Payme nt Amount of Receipt Sum To Date
  • 45. Address 06/30/200 1 Aggregated Individual Contribution Individual Contribution $13219.1 8 $13219.1 8 01/09/200 1 ELAINE MARSHALL FOR SENATE 1000 KEITH HILLS DR LILLINGTO N, NC 27546 Refund/Reimbursm ent to the Committee $250.00 $250.00 01/30/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD WINSTON SALEM, NC 27104 Individual Contribution $17.20 $17.20 02/27/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD WINSTON SALEM, NC 27104 Individual Contribution $17.20 $34.40 03/29/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD Individual Contribution $17.20 $51.60
  • 46. WINSTON SALEM, NC 27104 04/27/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD WINSTON SALEM, NC 27104 Individual Contribution $17.20 $68.80 05/30/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD WINSTON SALEM, NC 27104 Individual Contribution $17.20 $86.00 06/28/200 1 KELLY S KING SENIOR VICE PRESIDENT BB&T 2530 COUNTRY CLUB RD WINSTON SALEM, NC 27104 Individual Contribution $17.20 $103.20 01/30/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN Individual Contribution $25.00 $25.00
  • 47. CLEMMONS, NC 27012 02/27/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN CLEMMONS, NC 27012 Individual Contribution $25.00 $50.00 03/29/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN CLEMMONS, NC 27012 Individual Contribution $25.00 $75.00 04/27/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN CLEMMONS, NC 27012 Individual Contribution $25.00 $100.00 05/30/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN CLEMMONS, NC 27012 Individual Contribution $25.00 $125.00 06/28/200 1 ROBERT F MYERS VP BB&T 116 GOLDEN BEN LN CLEMMONS, NC 27012 Individual Contribution $25.00 $150.00
  • 48. 01/30/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC 27104 Individual Contribution $25.00 $25.00 02/27/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC 27104 Individual Contribution $25.00 $50.00 03/29/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC 27104 Individual Contribution $25.00 $75.00 04/27/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC Individual Contribution $25.00 $100.00
  • 49. 27104 05/30/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC 27104 Individual Contribution $25.00 $125.00 06/28/200 1 HENRY G WILLIAMSO N CHIEF OPERATION S OFFICER BB&T 4909 KNOB VIEW CT WINSTON SALEM, NC 27104 Individual Contribution $25.00 $150.00 Total ALL Receipts: $13,872.3 8 First Prev 1 of 1 Next Last EXPENDITURES First Prev 1 of 1 Next Last Date Name of Payee and Complete Mailing Address Expenditu re Type Purpose In-Kind Descriptio n Accoun t Code Form of Payme nt Amount of Expenditu re Sum to Date 01/09/200 1 GNOSSOS SOFTWARE 1625 K ST NW/STE 1250 WASHINGTON , DC 20006 Operating Expense SOFTWARE PURCHASE $8000.00 $8000.00 04/22/200 1 GNOSSOS SOFTWARE 1625 K ST NW/STE 1250 WASHINGTON , DC 20006 Operating Expense SOFTWARE PURCHASE $4000.00 $12000.0 0
  • 50. 05/15/200 1 GREATER RALEIGH CHAMBER OF COMMERCE PO BOX 2978 RALEIGH, NC 27602 Operating Expense SPONSORING LEGISLATIVE RECEPTIONIS T $1000.00 $1000.00 06/26/200 1 NC BANKERS ASSN PAC PO BOX 19999 RALEIGH, NC 27619-1999 Contributio n to Candidate or Political Committee CONTRIBUTIO N $2500.00 $2500.00 03/22/200 1 NC FORUM FOR RES & ECON ED PAC 5 W HARGETT ST STE 1110 RALEIGH, NC 27601 Contributio n to Candidate or Political Committee CONTRIBUTIO N $10000.00 $10000.0 0 05/30/200 1 THE JUSTICE COMM PO BOX 2277 RALEIGH, NC 27602 Contributio n to Candidate or Political Committee CONTRIBUTIO N $500.00 $500.00 05/30/200 1 TYSON FOR COURT COMM 410 RAMSEY ST STE 100 FAYETTEVILL E, NC 28301- 4910 Contributio n to Candidate or Political Committee CONTRIBUTIO N $1000.00 $1000.00 Total ALL Expenditures: $27,0 The great democratic process at work? Or is it a blueprint for disaster? If I have a basis to work with when it comes to address of the main players in the company, then I have the keys to the kingdom.
  • 51. This is just a small synopsis of the 3 Hour Tour of the web exposure of and to your firm. Not included were telephone network maps, information network superstructure or carries or technologies. But what was not included is a full investigation of general information of BB&T corporate structure or investigation of the backgrounds of employees. It is with such basic information to cajole, blackmail, force, kidnap, add subterfuge to the mixture or any other aspect of possible criminal activities; or the ability to infiltrate YOUR NETWORKS AND SECURITY without detection or discovery until it is too late. The thought is to provide you with a workable, possible, logical and cost effective program for both yourselves and then pass such knowledge onto the clients. Thank you for your time today reading this exposé’s. Ian A. Murphy