Robert Vamosi posted an interesting blog today on CNET "Hacking intranet web sites from the outside". He attended an RSA presentation by Jeremiah Grossman, CTO of White Security. The blog describes the attack on an intranet:
Perhaps as ominous, the blog continues on to describe these types of attacks being initiated from web enabled printers or web enabled UPS strips. What is worrisome is that these types of attacks won't be picked up by anti-virus or other malware detecting devices.
There are so many relatively easy attack vectors into an enterprise. The bottom line is to have multiple layers of identity authentication strength behind the firewall, the anti-virus and intrusion detection systems.