IBM Sued over Hacked E-Mail Server

A Washington, D.C., law firm has sued IBM claiming that the computing giant is responsible for a 2005 attack on its e-mail server.

Butera & Andrews claims that an unknown IBM employee attempted to attack its e-mail server in November of last year, shortly after the law firm discovered that its computer had been taken over by an unknown attacker. Security investigators traced the source of the attack to a computer within IBM’s Cornwallis Road facility in Durham, N.C., the law firm alleges.

The lawsuit was filed April 7 in the U.S. District Court for the District of Washington.

An analysis of computer logs revealed “over 42,000” attempts by IBM-controlled machines to attack Butera & Andrews servers during 2005, the lawsuit claims.

Butera & Andrews is asking the court to force IBM to disclose information related to the attacks, and to award it damages, including the US$61,000 it spent investigating the matter.

IBM has asked for the case to be dismissed, saying that Butera & Andrews “alleges no facts to justify its supposition that its systems were attacked by an IBM employee, as opposed to a computer hacker.”

The law firm may have a hard time proving that IBM is to blame for this attack, according to a computer security expert.

Though Butera & Andrews may have traced their attack to an IP address controlled by IBM, (170.224.68.57, according to court filings) that address may have been spoofed, or IBM’s servers themselves may have been taken over by outside attackers, said Russ Cooper, a senior information security analyst at Cybertrust. “There are lots of possibilities,” he said.

Butera & Andrews senior partner James Butera declined to comment on the matter, except to point out that IBM had not denied that its computers were involved in the attack.

IBM spokespeople were not immediately available to comment for this story.

-Robert McMillan, IDG News Service (San Francisco Bureau)

Keep checking in at our Security Feed page for updated news coverage.