Branch Banking and Trust

Technical Security and Information

Security Consultation Proposal

Prepared by Ian A. Murphy,

IAM / Secure Data Systems

Let us begin with a little bit of humor even though we are talking of a fiscally corporate deadly situation; and

think back to the theme song of Gilligan's Island. As the song goes, they were out on the three hour tour. When

the tiny ship was tossed; but it was not for the fearless crew the Minnow would be lost, the Minnow would be

lost. The ship struck ground on this desert isle with Gilligan, the Skipper too, the Millionaire and his Wife, the

Movie Star and Marianne and the Professor here on Gilligan's Island!

Or does BB&T consider itself like the movie Forbidden Planet; safe as the IT security personnel and the

corporate security VP think that they are safe from invasion?

Or is it more like War of the Worlds? or

Or The Hacker World and Criminal Enterprises and Others versus the Good Guys.

Now what does this mean to Branch Banking and Trust? What it means is that a simple sojourn into the pile of

the Internet has provided a basic wealth of information and of the corporate exposure to the Internet work

purposes that could be used to exploit your weaknesses that are yet to be known by you, but could be exploited

by persons with nefarious and unsavory intentions. The aspect that so many landed on Gilligan’s Island and left

without taking them along to be rescued is one thing; or is it to be ―Forbidden Planet where Morpheus and

Robby the Robot take control and the Krell are now back in charge after the crew of the rescue ship Versarius

were told not to land. This all seems strange to you right now; but the avenues that we are traversing right now

are ones that can be both fun and exciting and most of all educational to the corporate multi-state environments

and cultures as demonstrated by the inclusive information; or dangerous and lethal to the corporate structure.

Now it is said that the best way to introduce yourself to a company or to a potential clients is through

networking. That is how this project began. The initial idea was to both ensure that the Corp.; and then it;s

high net worth clients along with its high net worth Corp. Clients were made aware of various information,

telecommunications, technical surveillance and countermeasures, physical security, and overall total security

from any exposure to both the outside world and also to educate to the internal world of BB&T.

While this is not a hilarious situation. It is very well possible that this three-hour tour of the Internet seeking out

information about BB&T has been an eye-opening experience and something that can be used to gather and

garner new clients and also provide internal concerns being addressed and also from behind high net worth

clients and behind high net worth Corp. clients; a possibility of bringing about an educational capability that

they never thought of; but the vast potential of expanding the business footprint of BB&T corporation through

the subtle use of Humor, Education, quantified and qualified education, the constant reiteration of the Ethical

Standards of BB&T and other aspects of these ideas; are to promote BB&T to be as the advertising states: Best

bank In Town

This is War Games! In addition, this is the game called Global Thermo-

Nuclear Warfare and you are a target rich environment. It is of this nature that we present these ideas and basic

information that was gleaned from the Internet on this Gilligan’s three-hour tour but found War of the Worlds

and Forbidden Planet to be the reality of the situation. The simple fact that BB&T is the desert island and open

to exposure through the Internet, along with its clients and its own internal structures is one that should not be

taken lightly. The simple fact comes down to that a person or persons in any nation, state, or criminal enterprise

has the opportunity to go ahead and exploit some of the vulnerabilities that have been found in this basic three-

hour tour. With a much deeper examination and without spending any money, we were able to go ahead and

find a number of pieces of information of this jigsaw puzzle that gives us a basic overview of the Corp. and its

senior staff along with some of the general staff that have worked for the company and could be brought about

to reveal secrets and trade infringements which could put the company in jeopardy.

Now, why would we undertake such a potential examination of BB&T in the first place? Well, the first reason

is due to the fact that we are a potential high net worth client and have brought a number of other accounts to

the corporation itself through our personal contact, which we are very grateful to have and have found that there

intuition and inspiration along with my personal education to this person has been one of an eye-opening

experience. BB&T has a long history of being a conservative banking institution, as it is well-known and then

outlines in this document. To repeat, what is already in this document concerning the history of BB&T is a

useless waste of time. But the interesting fact is that the simple gathering of information about BB&T and its

operations, and the potential of its operations being disrupted, or possibly compromised in a situation that will

or could be both publicly embarrassing as most corporations will not reveal that they have had their systems

compromised; and will only do it on a quiet basis to their affected customers and clients offers a unique ability

to go ahead and overrule such capabilities before they occur. Please think back to the T.J. Maxx incident of 10

million debit and credit cards numbers being stolen.

Now as Gilligan; without much knowledge of your basic operation in general; I was able to gather up a number

of interesting pieces of the puzzle of BB&T. But with a concerted effort authorized by BB&T; a technical

surveillance and countermeasures program would be put in place along with information warfare and security

program and a basic educational program for all employees to recognize the threats that come from the outside

and internal workings of BB&T Corp., it basically comes down to this one simple point; that the exposure of

BB&T, or any other corporation strictly is dependent upon the ability of the corporate entity to realize that it has

weaknesses are being exposed on the World Wide Web in a multitude of fashion and fashions due to such

actions as MySpace or Facebook, or any other social networking site, Wi-Fi, also conference attendance without

proper ethical and legal and information warfare instructions and training to know when the fact that so-called

aspects such as social engineering or business intelligence is being conducted without their knowledge for the

benefit of the competitors for their clients. In simple terms, were are technicians, not politicians. WE report our

findings and it is up to you to make the call to insure your business integrity or not.

In reference to the high net worth clients and high net worth corporations who are also clients; the ability to

offer a technical security team at of course, a premium to the client gives them both peace of mind and the

ability to contact a corporate security officer, who would then coordinate a specified response to the clients

needs. This can also be accomplished due to the fact that there is an insurance division of BB&T and would be

considered an additional insurance policy provided to the client at a small premium due to the fact that most

clients will not have the need to have such specialized electronic and physical security evaluations on a

continual basis.

Of course, there are those clients that need special handling that will require a prerequisite of physical,

electronic, electromechanical and over all technical surveillance and countermeasures capabilities available at

the ready upon the client’s request. That type of particular clients is one that is required by the company and

wishes to be capped by the company as a client and this type of service is one that gives the client peace of

mind.

The same way that BB&T has a corporate security officer in charge of investigations who is a vice president

and that BB&T also has a disaster recovery program in place for its information systems;

but does BB&T have an over all security

program in place and operational for the requirements of the needs of the corporation at the time of the need to

Corp?

During this sojourn of a three-hour tour of the Internet in basic research of BB&T Corp. were able to find the

chairman of the board's home address, the political action committee, a number of employees, both past and

present, the recent new employees and their positions and titles, their addresses of their homes, which gives us

the capability to find out even more about them and to possibly use them for nefarious purposes. If that was our

goal. But since our goal is to act as a protective shield for BB&T Corp., and to allow us the capabilities of both

sweeping particularly sensitive areas and allowing the director of corporate security to place his input in along

with our input as a total team commitment offers up a security overall protective force field . An overall, bubble

that should be put in place immediately. Information is power, knowledge is power and the Internet provides so

much power into the hands of the potential adversary to the Corp. or to the potential competitor for both clients,

corporate information, high net worth abilities and clients, and over all business intelligence is one that should

be considered by BB&T to be unacceptable, and not insurmountable.

Now, while the aspect of an specialized outside team coming in with fresh objectified eyes

and offering its expertise and mindset from a standpoint that is much different than the current security

operations of BB&T, or any other former or current client organization has always been one that has been a

delicate dance that offers up the chance to step on some toes at times, and anchored dues paying for results that

are not advantageous to the current corporate security posture. In this aspect; our goal is not to go ahead and

produce an untenable situation where the BB&T security operations are left open to compromise and to conflict,

but to enhance the security operations through new ideas and unique capabilities that are currently not in the

BB&T security operations theater.

Just why would such efforts to discover BB&T’s Background and weakness? With just a few short hours of

research, we were able to come up with a small sample of your total exposure to your corporation which makes

it vulnerable to compromise and breeches. A person seeking to do damage or other nefarious deeds could dig

deeper with more time and a systematic plan of attack on your networks. A concentrated penetration attack

upon your infrastructure includes, physical, electronic and electro-mechanical . One type of Attack would be

with ZeuS or SpyEye as simple examples of you possibility of attack without your knowledge.

Here is a small example of just some of the outlets of ZeuS:

1. “Kneber” = Zeus | Symantec Connect

Feb 18, 2010... being reported as a new type of computer virus known as ―Kneber.‖ In reality Kneber is

simply a pseudonym for the Zeus Trojan/botnet. ...

www.symantec.com/connect/blogs/kneber-zeus - Cached - Similar

►

2. New trojan virus Zeus v3 empties online bank accounts | Mail Online

Aug 11, 2010 ... The latest attack involved a Trojan called Zeus v3 which hides inside adverts on

legitimate websites. Once installed on a home computer, ...

www.dailymail.co.uk/.../New-trojan-virus-Zeus-v3-empties-online-bank-accounts.html

3. Computer Virus Attacks Cobb County Woman - News Story - WSB Atlanta

He actually tracked the origin of the Zeus virus to a hacker in Russia. The program sits on your

computer until you sign on to a financial ...

www.wsbtv.com/news/19022761/detail.html - Cached - Similar

4. Computer Virus: Zeus Virus: Becoming more powerful

Apr 22, 2010 ... Zeus virus comes of revision 1.6 with the capability of attacking Firefox and Internet

Explorer. A truth that gives a chance for the Google ...

creatingcomputervirus.blogspot.com/.../zeus-virus-becoming-more-powerful.html - Cached

5. New Study Finds Computer Virus 'Zeus Bot' in Internet Postcards ...

Jul 25, 2009 ... A computer forensics study reveals that phony Internet postcards presently hitting users'

inboxes contain a PC virus called Zeus Bot.

www.spamfighter.com/News-12877-New-Study-Finds-Computer-Virus-Zeus-Bot-in-Internet-

Postcards.htm - Cached - Similar

6. Zeus Virus Malware – Most Software Cannot Detect This Trojan

zeus virus malware Zeus is a financial malware. It infects consumer PCs, waits for them to log ... The

safety of your computer is within your own hands. ...

thepcsecurity.com › News - Cached - Similar

7. Computer Virus Zeus V3 Hits Large UK Financial Institution And ...

Aug 11, 2010 ... Thousands of online banking customers have had their accounts drained by a

sophisticated new computer virus, internet security experts say.

news.sky.com/.../Computer-Virus-Zeus.../201008215681025 - United Kingdom

8. U.S. Makes Arrests in “Zeus” Computer Fraud

Oct 1, 2010 ... By Jane Jamison Let this story on the Zeus Trojan serve as your ... Tagged as: bank fraud,

computer, phishing, trojan, virus, worm, Zeus ...

www.uncoverage.net/.../u-s-makes-arrests-in-zeus-computer-fraud/ - Cached

9. Two held over ZeuS trojan virus that steals personal data ...

Nov 18, 2009 ... Computer hacker The Zeus or Zbot virus can steal users' bank details, passwords, credit

card numbers and other information. ...

www.guardian.co.uk/technology/.../zeus-zbot-trojan-virus - Cached - Similar

10. Hackers Use Zeus v3 Virus to Target Bank Accounts

Aug 15, 2010 ... Zeus v3 Trojan Virus Malicious hackers are targeting people in the UK with a

dangerous computer virus called Zeus v3 to wipe out bank ...

www.wpsecuritylock.com/beware-hackers-use-zeus-v3-virus-to-target-bank-accounts/ - Cached

Well to answer the question; it is very simple. The ideas presented are for both the corporation and for

it’s corporate clients and to also provide security consultation to high net worth clients and the general

public customer. If you are selling Quicken to everyone, why not sell security as well as part of the

package too?

The various stages of security consultation for the company are to include Technical Surveillance and Counter-

Measures, Information Systems Security (you just got hit with a virus a few months ago if memory serves me

correctly) and to provide a service that no other banking institution could offer with the various insurance and

other service besides banking to customers, employees, clients and others who would require and could be

provided as a service for a fee to the clients through the Corporate Security Division. If the banking side of the

house and the insurance side of the house were to combine in a manner that offers such services as a piece of

mind service to the customers, the exponential value in Goodwill and customer loyalty grows each and every

day with them knowing that their assets are protected to the very best security science can offer. From the

Technical security & counter-measures side inclusive of all computer systems, employee awareness and other

aspects of Information Warfare counter-measures to the protection of vital and needed corporate data and

programs secure.

Currently you offer Quicken as part of a service that comes with the customer experience territory. A very nice

offering indeed. No other banking institution that we know out there wants to serve the customer with such

unique service and offerings. But along with the Quicken service, maybe the thought of providing to the

general customer something that we have not seen in any other banking concern. The possibility of making

aware the average customer of Information Security and their banking needs and your services.

This can be done as a networking type of event with an after business hours event to allow those who are

concerned with their own security for banking purposes; or their business concern’s in addition a chance to

meet and greet other clients who wish to network their own business and maybe share their horror stories of

Information Security and a chance for all attendee’s to learn and share both business stories, information horror

stories, provide a number of vendors of security service such as the team presented to you in this very basic

proposal and the chance for them to interact with the clients and to also provide the Banking side of the house

the chance to join in a lively open discussion with the clients as to their needs both banking and of their own

security concerns.

.

This following web page comes from your web site and should be more prominent in it accessibility. While we

applaud the effort and the sincerity of such a web page, it was only discovered by a web search of BB&T

Information Security policies and procedures. So no one really reads it :

Protecting Your Internet Activities and Electronic Data

With more of our financial activities occurring over the Internet, it is important to be aware of risks these

activities entail and steps you can take to reduce the risk that someone will illegally gain access to your private

information or financial accounts.

Common Internet scams

Auction fraud - This may take many forms including emails saying you have a second chance to buy an

auction item, non-delivery of an item purchased in an auction, defective merchandise or receiving

cheaper merchandise.

Advance payment frauds - Emails asking for help in getting money out of a country or advising you that

you won a lottery lead to requests for money to cover legal fees, taxes, bribes, processing costs and

taxes.

Phishing - Emails notifying you that an institution or store need confirmation of account information

lead to a fake (or spoofed) website that looks legitimate but is just a place to disclose personal

information to fraudsters. BB&T will never ask you for confidential information through email or pop-

up windows.

Hot stock promotions - Emails, online newsletters and bulletin boards may be nothing more than a scam

artist's attempt to have you drive up the price of a stock so they can sell their shares. This is often used

with cheap and thinly traded stocks.

Protecting your online activities

Be careful using public computers. Using a computer at a cyber café or a free computer at a trade show can be

dangerous. The computer may be programmed to capture user names and passwords. If you use this type of

computer, make sure no one is looking over your shoulder to memorize your personal data and be sure to sign

off when you are done.

If you are using the Internet for financial transactions, be sure the sites you visit are secure. Most secure sites

have URLs that start with "https://" instead of the normal "http://." Some websites may display a logo indicating

it is secure, but make sure you know the site is one you trust.

Wireless Internet networks have become common and convenient. Some are secure and some are not. Be

careful using wireless networks that are free and not secure. Wireless home networks deserve attention as well.

It may be time consuming or more expensive to have a secure network at home, but that is better than having a

fraudster sitting in a car on your street monitoring your activities and gaining access to your files and

information.

It is important to install anti-virus software on your computer and keep it up to date. The safe holds true for

firewalls and security patches for your operating system.

Passwords

Many websites you visit require a user name and password. Having a strong password will make your online

activities safer. Unfortunately, many passwords are chosen to be easily remembered rather than to protect the

user. Some common passwords that hackers could easily guess are password, user name, your real name, your

address, 123456, abcdef, or just a number. With just a four- digit number, there are only 9,999 combinations

and a sophisticated hacker could probably figure that out in seconds.

Strong passwords are at least six characters long and preferably eight. They should contain a mixture of upper

and lower case letters, numbers and special characters (#, $, ^, &,!,?, {, >, etc.). They should not be based on

personal information and not be based on words found in a dictionary.

The difficulty of long and mixed passwords is that they can be hard to remember. One suggestion is to create a

password from a sentence that you are likely to remember. For example, start with the sentence "My children

John and Mary are 12 and 16 years old." Then use the first letters of the words, characters and the numbers to

create the "McJ&Ma12&16yo" password.

Changing passwords often and using different ones at different websites also increases protection. Keep any

written record of your passwords in a safe location.

Disposing of CDs and diskettes

The best way is to physically destroy the CD. Shred it if you have a shredder that can handle it without

difficulties. Otherwise, you can break the CD into pieces. Be careful and wrap the CD in a paper towel to avoid

shattered plastic.

Diskettes can be formatted to remove the data if you plan to reuse them. Otherwise, it is a good idea to break

them into pieces or shred them.

Disposing of a PC hard drive

With the ways you use your PC and financial software you may use, think of the highly sensitive information

that is stored on your hard drive. It may have tax returns, investment records, financial account information, and

other personal data. It may also have records of your user names and passwords used at dozens or hundreds of

websites. This is information that must be removed before disposing of an old PC.

Unfortunately, it is extremely difficult to completely erase that data from your hard drive. Deleting files and

even formatting your hard drive does not completely remove the data. With the right tools, a skilled technician

could reconstruct your data.

There are some software products that claim to overwrite an entire hard drive and make it impossible to recover

the data. A better, easier and cheaper solution is to remove the hard drive and physically destroy it.

If you are considering disposing of, donating or recycling a PC, protect yourself and your data by removing and

destroying the hard drive.

Protect Your Identity

Review what BB&T does to help protect your identity.

The statement of the above is very true and most enlightening indeed for the average user; but then come some

meat on the bone to bring home the facts of reality about the corporation:

Here is an example of the BB&T Computer and Utility suppliers

BB&T Computer Network

TOWER ASSOCIATES, INC.

Owners & Operators of the BB&T Building

Leasing - Brokerage - Property Management - Development

1 West Pack Square,

Suite 1701

Asheville, NC 28801-

3481

Phone: (828) 210-

8155

"A Recognized Asheville Landmark"

PROFESSIONAL SERVICES

In addition to owning and operating one of Asheville’s

largest multi-tenant office buildings, Tower Associates has

numerous relationships to offer a variety of professional real

estate services including leasing, brokerage, development,

relocation coordination, construction services, and advanced

technology services.

With many years experience, Tower Associates can consult

with investors to research, locate, and develop investment

opportunities.

Services are also available through Tower Associates to work

with out-of-area brokers to find the right location to satisfy

tenants’ needs.

Tower Associates has partnered with strategic technology and

energy leaders to provide tenants the most advanced

services. These partners include AT&T, Charter

Communications, Progress Energy, and PSNC (Public

Service Natural Gas Company of North Carolina). The

BB&T Building boasts 3 fiber optics feeds providing

extraordinary telecommunication capabilities.

Specific association with TAIS Web, an advanced

computer technology company located within the BB&T

Building, enables on-site voice telecommunication, phone

devices, voice mail, computer networking, network

wiring, computer repair, broadband Internet access, and

web design services.

I would like to thank you for the keys to the front door as it

may very well be.

Exposure points found just on the 3 Hour Tour

This is one of your guys out there on the net advertising his past with BB&T. This is a policy

that must be changed and enforced to insure the corporation’s security integrity is not placed

in jeopardy.

Desktop Support Specialist

BB&T

John Shrum

Active Directory (AD) Systems Administrator (SA), General Dynamics Information Technology (GDIT),

NASE, CONUS-TNOSC.

Tucson, Arizona Area

Contact John Shrum

Add John Shrum to your network

Current

Active Directory Systems Administrator at General Dynamics Information Technology

Past

Desktop Support Specialist at BB&T

Infrastructure Specialist at Digital Persistence

Refresh Specialist at Dell Computers

John Shrum’s Summary

John Shrum

5138 Camino Del Norte

Sierra Vista, AZ 85635

205-369-0124

(Public Company; BBT; Financial Services industry)

January 2010 — June 2010 (6 months)

Increased efficiency for BB&T Bank end users and profits by successfully performing project related

installations for 26 branches within the scope of the project per contract agreement between BB&T, DCI

(Digital Communications, Inc.) and TekSystems/Allegis

Performs installation and setup of Network Cabinets, Routers, Switches, Servers, PC's and Accessory Device

Network Cabinet installs consist of locating the proper T-1 Circuit and DSL backup circuit

Properly connecting and dressing the cabling, plugging the whiptails into the switch

Punching down the crossovers cabling

Verifying the UPS and server are up and operating normally

Consoling into the router to verify proper configuration of the router

PC installs consist of performing configuration and updates to PC's placing the fresh monitors to be used with

the legacy PC's until second stage is performed

Placing fresh PC's in proximity of the legacy PC's with appropriate peripherals' including MICRs, Validators

and Check scanning devices

Final stage consists of placing fresh equipment in operation, removing legacy equipment

Performing data migration insuring data is not compromised

Directing users log on and mentoring them through user specific configuration

Recording and reporting inventory for fresh and legacy equipment

So now, I have a decent way of understanding your infrastructure and see

your guts from a new perspective. In another words; Gottcha!

More on the company

BB&T Bank Building Tower in Atlanta

$150 million tower to be anchored by banking firm

KEVIN DUFFY; STAFFTHE ATLANTA JOURNAL-CONSTITUTION

Updated: 02-6-2009 12:30 pm

The metro area's fourth-largest bank will anchor a new $150 million office tower at the massive Midtown

development Atlantic Station.

The 25-story skyscraper, under construction at 271 17th St., will be Atlantic Station's third office building and

its tallest. Construction is expected to be finished in spring 2009.

BB&T Bank, headquartered in Winston-Salem, N.C., signed a 15-year lease on 80,000 square feet and will

move its Atlanta headquarters to the site. The bank spent 18 months looking at more than 40 existing and

proposed projects before deciding on Atlantic Station, said Lars Anderson, president of BB&T's Georgia

operations. "This move will help us bring employees from across our financial services spectrum to 17th

Street," Anderson said.

BB&T's 200 Atlanta employees are scattered among three buildings in Buckhead. BB&T will open a branch in

the lobby of the new building and occupy floors eight, nine and 10 initially.

The tower will give BB&T an opportunity to make a much bigger statement in Atlanta. The company plans to

display 19-foot illuminated letters on all four sides of the structure, Anderson said.

Some examples of your employees that have shared their

employment with others on the net!

26 Employees of BB&T Bank

Renee Pierce 28 yrs, luna777

Purcellville, VA

Bb&t Bank Banker Luck Stone Loudoun Valley High ...

Click to learn more about PeekScore

Alisa Spiker 33 yrs, spike1531

Culloden, WV

Bb&t Bank Bookkeeper Accounts Payable Clerk Clay Center For The Arts & Sciences Wv ...

Click to learn more about PeekScore

Jennifer M. Irvin 29 yrs, jennirvin

Mechanicsville, MD | Piney Point, MD | Madison, NC

Schoenbauer Furniture Service Reeves Insurance Agency Bb& T Bank ...

Click to learn more about PeekScore

Kayla Parker 19 yrs, maylakay_06

Ringgold, GA

Bb&t Bank Northwest Whitfield County High School Dalton State College music ...

Click to learn more about PeekScore

Mary A. Lorza 28 yrs, mary_lorza

Pooler, GA | Savannah, GA

Suntrust Bb&t Bank Relationship Banker Financial Service Rep. ...

Click to learn more about PeekScore

Jessica Keehn 24 yrs, jessk72485

Newburgh, IN

Bb&t Bank Teller Unemployed At The Moment University Of Louisville ...

Click to learn more about PeekScore

Lisa Martin 25 yrs, lisamartin55

Demorest, GA | Gainesville, GA

Bb&t Bank Bank Teller

Click to learn more about PeekScore

Antonio Daure, antoniodaure

Stone Mountain, GA

Bb&t Bank Senior Teller Relationship Banker accounting banking ...

Click to learn more about PeekScore

Jamie Taylor 27 yrs, juicyjamielove82

Berryville, VA

Work Bb&t Bank Bank Teller tv ...

Click to learn more about PeekScore

Michael Runyon 22 yrs, runyon88

Charlottesville, VA

Bb&t Bank Teller Mountain Valley Corp. William Monroe High ...

Click to learn more about PeekScore

Mary Grubbs 62 yrs, mary1670

Woodstock, VA

Bb&t Bank Robber Central High School family ...

Click to learn more about PeekScore

Jessica L. Raper 28 yrs, tigerjesslynn

Mableton, GA | Cleveland, TN

Bb&t Bank Bradley High School reading bowling ...

Click to learn more about PeekScore

Grace Mcewen 24 yrs, grace24124

Harrisonburg, VA

Wal-mart Journeys Bb&t Bank Teller ...

Click to learn more about PeekScore

Charlotte Murphy 45 yrs, craftygirl1965

Tucker, GA

Banking Bb & T Bank Sangrias Mexican Cafe Lakeside High School ...

Click to learn more about PeekScore

Lisa Pue 27 yrs, misslisapisa

Suisun City, CA

Best Buy Bank Of America International Bank Of Commerce Bb&t Bank ...

Colin Pone’s

More IT employees on the net

Current

IT Risk Management - Project Manager at BB&T

Past

Information Security Officer at Greystone Bank

Divisional Senior IT Manager at The Cheesecake Factory

IT Manager at The Cheesecake Factory

4 more...

Education

ECPI Technical College

Nash Community College

Recommendations

3 recommendations

Connections

22 connections

Industry

Information Technology and Services

Colin Pone’s Experience

IT Risk Management - Project Manager

BB&T

(Public Company; BBT; Financial Services industry)

June 2010 — Present (6 months)

Audit/Regulatory Liaison. Work directly with the FDIC, NCCOB, OTS and other regulatory examiners

for all IT examinations.

Manage internal audit findings and work with LOBs to mitigate risks. Serve as Process Action Team

member to reduce Information Security risks and provide training to management as appropriate.

Compile, review and provide external auditors and regulatory examiners with requested documentation.

Information Security Officer

Greystone Bank

(Banking industry)

June 2009 — July 2010 (1 year 2 months)

* Business Continuity / Disaster Recovery Planning/Testing

* Regulatory Examinations as CTO (FDIC, NCCOB)

* PCI Compliance Management

* User Access Process Control / Auditing

* Information Security Program/Policy Management

* Incident Response Plan Management

* Business Intelligence Report Creation

* LAN/WAN Integration

* Virtual Environment Process Control

Divisional Senior IT Manager

The Cheesecake Factory

(Public Company; CAKE; Restaurants industry)

February 2008 — March 2009 (1 year 2 months)

• PCI Compliance Management

• SOX 404 Compliance and internal process auditing

• Manage Information Technology for the manufacturing division of The Cheesecake Factory which

consisted of 22 Servers, 300+ users, two manufacturing plants and a corporate office facility while

reporting to the Senior Executive Vice President of Operations and Corporate CIO.

• Devise and Manage divisional capital IT budget exceeding $900,000 for 2008 and exceeding $600,000

in 2007.

• Manage all Ross ERP decisions, updates, upgrades and module implementations including but not

limited to WMS, Maintenance Management, MES, Requisitioning, Supply Chain etc. using SDLC

• Constructed and managed eCommerce Distribution department responsible for packaging and

distributing all online cheesecake orders to customers. Department consisted of 4 permanent and 60

temporary employees.

• Analyze all divisional business processes, devise plans for technical process improvements and

determine the areas of impact for Information Technology.

• Analyze all business processes and determine the areas of impact for Information Technology.

IT Manager

The Cheesecake Factory

(Public Company; CAKE; Restaurants industry)

February 2006 — February 2008 (2 years 1 month)

• Setup all IT functions at new manufacturing facility including but not limited to network layout,

wireless infrastructure, server installation, phone system configuration, desktop purchase and

installation, IT policies and procedures, etc.

• Manage all ERP module implementations such as WMS, Maintenance, MES, Purchasing, etc.

• Manage the creation of all Business Objects reports exporting data from Ross for KPI reporting,

Outstanding PO’s, Ship Orders, Maintenance Work Orders, Requisitions, etc.

• Manage IT related capital projects in excess of $500,000 in 2006 and report to Vice President of IT at

our corporate headquarters in Los Angeles, CA.

• Monitor and maintain 4 file servers, 2 Soleris Micro Lab servers, 2 Intellex Security Camera servers, 2

SQL Servers, 1 Backup Domain Controller, 1 Backup/Print server, a 2003 Exchange server and 12

additional servers that serve as disaster recovery for corporate.

• Setup and implemented Avaya Partner Phone Messaging system, created mainline menus, directory

listings, submenus, department and user mailboxes and our Inclement Weather/Emergency Hotline.

• Create Microsoft Access databases for departments as needed such as the PQG Process Control

Database for Quality Assurance and the Key Production Indicators Database for manufacturing to enter,

modify and report on daily production data.

• Implemented Neogen Soleris LIMS for Quality Assurance and configured remote network

connectivity software to view test results remotely through our VPN.

• Manage and maintained Production Data Integration System that retrieves data from each piece of

equipment in manufacturing by connecting to PLCs, cameras, photo eyes, various sensors and data entry

screens in production.

• Implemented digital video security server system. Installed 4 INTELLEX servers in the MDF and 48

security cameras throughout the interior and exterior of the facility.

IT Project Manager / Network Administrator

Wachovia

(Public Company; WB; Banking industry)

February 2004 — February 2006 (2 years 1 month)

• Manage projects that affect all of the users at the Greenville, NC and Winston Salem, NC locations and

delegate specific parts of the project to supporting technicians.

• Present project proposals to Senior Management and provide weekly project status updates.

• Hold regular meetings with consultants, offsite personnel and senior management to align decision

making, ensure proper support and prepare for disaster recovery.

• Support network infrastructure, connectivity and assist in 10 bit to 100 bit local network upgrade.

• Design technical project layouts and delegate specific parts of projects to project teams.

• Manage Lotus Notes software upgrade from R5 to R6 and find resolution for all issues associated.

• Support Inova Lightlink reader boards, applications and associated servers.

• Troubleshoot and support Windows NT/2000/XP workstations, 2000/2003 servers and network issues.

• Remotely support out-of-state users utilizing NetOP remote control and Terminal Services.

• Responsible for testing applications in Test environment prior to Production deployment.

• Inform helpdesk management of common issues and provide detailed instructions for resolution to

later be uploaded to our knowledgebase.

Network Administrator

Purdue Pharma

(Privately Held; Pharmaceuticals industry)

February 2003 — February 2004 (1 year 1 month)

• Manage technical projects such as Exchange 2000 migration from 5.5 with Active Directory

integration.

• Support SAP ERP modules, implementations and end users in manufacturing.

• Created a multi-subnet environment to separate the manufacturing and office networks for FDA Part

11 compliance.

• Create, modify and maintain user/group accounts and support all voice and data operations.

• Manage and support a Windows NT/2000 environment utilizing Active Directory, Terminals Services,

Server Manager, User Manager and Norton Ghost.

• Accountable for server backup procedures, execution, SOP revisions and offsite storage.

• Support all Microsoft software applications as well as SAP ERP module implementations, LIMS,

POMS and Millennium software.

• Image desktop workstations and servers using Norton Ghost - Ghostcast.

• Setup and install servers, switches, blades, tapes drives and various other types of hardware.

• Setup digital phones lines, extensions, categories, etc. through the Meridian phone system.

Subject Matter Expert - Desktop/Server Support

Electronic Data Systems - EDS

(Information Technology and Services industry)

May 2001 — February 2003 (1 year 10 months)

• Supervise Windows Server and Desktop support team

• Set schedules based on call volume analytics

• Monitor agents for compliance and quality assurance management

• Support user issues on a Tier 3 level as needed

• Coordinate and train agents on newly supported products/applications and maintain training materials.

• Assisted in the design and maintenance of USPS Knowledgebase website used to guide agents through

support issues/FAQs

Image Processing Analyst II

BB&T

(Public Company; BBT; Financial Services industry)

March 1999 — May 2001 (2 years 3 months)

• Maintain files and statement data on Unix servers as administrator

• Migrate statement data from RAID to OPTICAL Jukebox platters monthly post statement printing

• Review and image fraud checks as needed and made system updates as appropriate

• Managed Image Library software for commercial customers and ensured all check images were

properly imaged on CDs for customer distribution

Colin Pone’s Education

ECPI Technical College

BS , Information Technology , 2000 — 2001

Graduated with Honors with a 3.8 GPA

Nash Community College

College Transfer , Computer Science

Colin Pone’s Contact Settings

Interested In:

career opportunities

consulting offers

new ventures

expertise requests

reference requests

getting back in touch

This one is a killer as well

IT Project Manager Post Job For Free

Country: United States

State: North Carolina

City: Charlotte

ZIP: 28226

Posted date: 10/27/2010

Posted by: Name is not set.

Email: dhartu@r.postjobfree.com

Contact Info: ******@********.**.***

Show Contact Info (premium) Send Message (free)

Map Data - Terms of Use

Resume Text:

Contact job

seekers directly.

PostJobFree Premium

Membership

is only

$20/month.

STACY R MEHLMAN

4808 Waterford Knoll Drive Charlotte, NC 28226 (704) 519 – 9301

EDUCATION

• New York Institute of Technology Degree: Bachelor of Arts/Communications

Technical Classes:

• Novel 3.12 4.11

• Microsoft Administrating Windows NT 4.0

• Microsoft Windows NT 4.0 Core Technology

• Telecom: Centigram PBX

APPLICATIONS AND SYSTEMS KNOWLEDGE

EXPERIENCE

OS and Application Support: Windows XP, Windows 2000, MS Office 2007, MS Outlook

2003 , Office Pro 2003, 2000 & Pro, Lotus Notes 7.0, Explorer 6.0, 7.0, 8.0, Adobe

Reader 7.0, 8.0, Adobe Acrobat Standard, Adobe Acrobat Professional

Hardware Support: Blackberry - Verizon 8830 (Curve), Verizon 9630 (Tour), IPHONE,

HP Monitors and PC’s (Lenovo T400 laptops, IBM ThinkPads, Logistic Webcam Pro

9000,

KNOWLEDGE

Aspect Winset for Windows, WebXtender, Communiqué web conferencing, AS400,

Peregrine system (Service Center, Get Answers), Oasis Softphone, Emerald Mainframe,

Go To Assist, SMS Systems Management Server 1.2, 2.0 (SMS), SMS Remote, SCCM

Remote Control, Avaya Messaging, Microsoft Active Sync, DTS Synchronizer SYS Point

PE, Mana PE Disk, MS System Center Configuration manager 2007, HP Service Manager,

Lotus Sametime 8.0.2, BlackBerry Enterprise Server Management, Blackberry

Application Loader, Blackberry Device Manager. Verizon VZAccess Manager, Java

PROJECT PROFILES AND EMPLOYMENT HISTORY

Premier Mutual Fund Company: Charlotte, North Carolina

Desktop Support Services – June 2009 – Present August 31,2010

• Support companywide internal users at multiple locations and facilities

• Technical support of the desktop hardware and software computing environment.

• Serves as the interface to the Support Center and other IT groups for issues that must be

elevated beyond the Desktop Support Services organization

• Coordinates desktop hardware and software acquisitions and upgrades

• Deploy, set-up PCs, Laptops, and Printers

• Provides computer hardware move coordination and support

• Provide desktop support for the installation, configuration, and ongoing usability of

desktop computers, peripheral equipment, software, Break Fix and Service requests

• Resolve desktop support requests and inquiries in a timely manner

• Maintain an inventory of IT assets and perform updates to the IT asset management

database

• Specializing in Blackberry support- Trouble shooting hand held issues swiping,

enterprise activation, synch issues, adding/deleting components, password changes,

connectivity problems, Blue Tooth setup, upgrade Blackberry OS

• Worked with BES Management, BAM Notes services

• In addition, as the Desktop Support Specialist, I participate in special projects and

perform other duties as assigned

BB&T: Charlotte, North Carolina

Migration Technical Support Specialist Oct 2008 - Dec 2008

• Onsite Deposit Migration Team support

• Converted external corporate customers from their current desktop application to a new

web-based version used to initiate the application

• Scheduled migration and training session with clients

• Initiated the removal and installation of new supporting software application and drivers

for the scanner device for the web-based version

• Trained users on the new application

• Used Web conferencing

• Used Access database to track client information

• Assisted web-based clients with questions and issues with the implementation of the

authentication security questions

• Reset passwords, security questions, and resolved lock outs

• Advised on how to add / delete users

• Assisted in editing user setup

• Provided instructional and technical support, as well as customer service to external

customers utilizing BB&T’s onsite deposit application

• Provided product knowledge

• Analyzed / resolved customer issues

• Answered questions and resolved problems while exceeding required time frame

expectations

Wachovia Bank: Charlotte, North Carolina

Technical Helpdesk Analyst April 2007 – August 2008

Wachovia Technical Consultant

• Single Sign On Training / Migration Project support

• Provided instructional and technical support, as well as customer service to both internal

and external customers

• Utilized Wachovia Treasury Services Application

• Recorded and tracked each customer interaction in Call Tracking and Problem Solution

database

• Reviewed, analyzed and evaluated business systems and user needs as they related to

Wachovia Treasury Services

• Converted 130k external corporate customers from their current URL to a new URL

landing page used to initiate all online applications

• Provided instruction and guidance to customers so they could manage through the URL

migration process

• Created new logon ID's, passwords and bookmarks in support of the migration

• Installed digital certificates, setup security questions and multifactor devices

•

• Assisted with Internet explorer issues such as: Script errors, options, browser and HTTP

settings, connection issues, activeX controls, tool bars, security, trusted sites and printing

issues

• Assisted with customer inquiries on accounts, balance and transaction information, and

user id validation/deletions.

• Analyzed / Resolved User Problems on current system

• Resolved problems while exceeding required time frame expectations

• Reset passwords, logon violations, and lock outs

• Advised on how to add users / delete users,

• Assisted with setting the user access functions

• Identified / tested/ reset/ and unlocked tokens

• Processed customer request modifications (CRM)

• Added / deleted accounts

• Removed profiles

• Added function and provided access

• Worked closely with Tier II support to expedite and resolve customer issues

American Technical Ceramics: Huntington Station, New York

Account Representative / Sales March 2003 - February 2007

• Sales Department working with Buyers. Purchasers, Engineers

• Customer Service

• Provided product knowledge, process quote requests, and process purchase orders, set up

new accounts for Customers, process credit references, resale certificates, client contact

information

• Analyzed / resolved customer issues

• Expedited orders to meet customer's needs, furnished invoices and proof of delivery for

invoice payment

• Tracked customer orders and resolved late, missing, and partial shipments

• RMA's - Processed return material requests and provided support to customer

• RO's - Processed replacement material orders and provided pricing and delivery

information

• Worked with accounts payable for credit line increases, resolve over credit limit and

billing issues

• Internet orders

• Processed & updated online orders, setup customer authorizations, resolved & analyzed

issues pertaining to Credit card problems, incomplete data on orders, order tracking and

back orders

Verizon / Bell Atlantic / RH Donnelley: New York City and Long Island, NY

System Analyst/ Field Support Sept 1998 - July 2001

• Desktop Support of 900 users at 3 locations using Windows NT and MAC OS 8, OS 9

• Analyzed / Resolved end User Problems

• Help Desk support

• Used Expert Advisor 3.5 to log & track issues

• Provided solutions to problems while exceeding required time frame expectations

• Helped maintain function for all users PC's in multiple departments

• Assisted off site users with SMS Administrator

• Assisted Telecom Department in analyzing problems

• Setup data jacks, changed phones and setup Voice Mail Boxes

• Completed upgrades / installations

• Applied upgrades to software, patches, and fixes from vendor when necessary

• Installed & removed user software applications

• Helped with migration of email service from Outlook98 to Lotus Notes

• Created User Workstations Environments and Network Printers

• Used Ghosting to perform this task

• Setup user profiles, Protocols, Domains

• Installed Drivers for network, printer, audio, video, display, and modems

• Purchasing Supplies / Vendor contacts

o Contacted manufacturers or Vendors for hardware replacement, purchase and/or product

returns

o Kept up to date inventory checklist of all equipment including

• Laptops, Desktops, printers, accessories

o Cleaned out logs of all old equipment, old end-users and maintained all equipment asset

information through SMS

• User Training

o One on one training of software applications

• Hardware

o Setup user stations and Network Printers

o Resolved functional problems

First Card NBD: Uniondale, N.Y

LAN Administrator Asst. / Desktop Support April

1997 - September 1998

• Desktop Support of 3000 users using Windows 3.1 and Windows 95

• Analyzed / Resolved end User Problems

• Call in Center support

• Used MS Access to log & track issues

• Provided support and taught application usage

• Performed PC Upgrades and relocations

• Used NWAdmin 4.1 to maintain LAN information for users, servers, printers and

software

• Used ArcServe to control daily backups of all servers, restoring of files

• Network Conversion support

• Helped with the construction of server units, printers configurations (SYMS and LAN

Cards)

• WIN 95 Roll Out support

• Upgraded PC's, installing software applications, new images when needed

• Resolved user problems through NetWare 4.11 NDS System and at users workstations

• Supported conversion from Token ring to Ethernet

• Responsible for rewiring the LAN connections to the new hub, data jakes, and PCs

• Performed installations of new NIC cards

The only thing that this employee forgot to add is if she was married, had kids or just Party Animal on her

resume!

BOB Meyers in for as your information security chief. So let me guess; a

former fed of one type or the other, a high-ranking ex-cop, maybe military cop and officer or all of the above.

Congratulations, you brought on-board a hound dog that can sniff out a crime AFTER the fact, not before it

occurs due to a possible lack of understanding of the ever changing world of technology.

Robert Myers

Title and Company:

VP-Corporate Security Corporate Manager of Investigations at Bb&T Corporation

Company Address:

200 West 2nd Street

Winston Salem, NC 27101-4019

Join Spoke to learn more information about Robert

Search for Robert

Search for Robert on Facebook

Search for Robert on Linkedin

Search for Robert on Twitter

Search for Robert on Myspace

Robert Myers's Biography

Tags:

Bb&T Corporation, NC, Commercial Bank, VP-Corporate Security Corporate Manager of Investigations

Robert Myers's Job History

Join to view all

Bb&T Corporation

o VP-Corporate Security Corporate Manager of Investigations

Robert Myers's Coworkers

Join to view all (2,144)

Rocky Comer

IT Asset Life Cyc...

SEVP and Chief Ma...

Barbara Duck

Senior Executive ...

Ron Denny

Senior Vice Presi...

Chief Financial O...

John Williams

Blue Ridge Region...

Paal Kaperdal

Senior Vice Presi...

J Coppedge

Gulf Coast Region...

Chuck Gaskin

Sr. Vice Presiden...

Here is the Gulf Coast President guys background in a nutshell.

J Coppedge

Title and Company:

Gulf Coast Regional President at BB&T Corporation

Company Address:

200 West 2nd Street (Tell me, does everyone work at the same address? Hell no!)

Winston Salem, NC 27101-4019

Join Spoke to learn more information about J

Search for J

Search for J on Facebook

Search for J on Linkedin

Search for J on Twitter

Search for J on Myspace

J Coppedge's Biography

TitleEast Florida Regional President RegionEast Florida ExperienceMr. Coppedge has 24 years of banking

experience, including 19 years with Wachovia Bank. He joined BB&T in 2004 with the acquisition of Republic

Bancshares Inc. of St. Petersburg, Fla. While at Republic Bank, he served as chief operating officer. Date of

BirthNovember 12, 1954 BirthplaceCoral Gables, FL EducationBS, Marketing, Auburn UniversityMBA,

Finance, University of FloridaAffiliationsFormer Member, Board of Trustees, University of Tampa; Executive

Committee Member, Tampa Chamber of Commerce; Board Member, Tampa YMCA; Board Member, Tampa

Bay Partnership; Board Member, Past President, Cobb County YMCA

Tags:

Bb&T Corporation, NC, Commercial Bank, Gulf Coast Regional President

J Coppedge's Job History

Join to view all

Bb&T Corporation

2006

o East (since 2006)

o President (since 2006)

o Gulf Coast Regional President

J V Arthur Inc

2005

o Regional President, East Florida - Florida (since 2005)

Bb & T Shomo & Linedweaver Insurance Services

2005

o East Florida Regional President (since 2005)

??bb

o East Florida Regional President

Bb & T Corporation

o East Florida Regional President

J Coppedge's Coworkers

Join to view all (2,144)

Rocky Comer

IT Asset Life Cyc...

SEVP and Chief Ma...

Barbara Duck

Senior Executive ...

Ron Denny

Senior Vice Presi...

Chief Financial O...

John Williams

Blue Ridge Region...

Paal Kaperdal

Senior Vice Presi...

J Coppedge

Gulf Coast Region...

Chuck Gaskin

Sr. Vice Presiden...

Has this info changed?

Learn more about

J Coppedge

View Background Information on J Coppedge

View Social Profiles for J Coppedge

powered by

2,144 employees in Bb&T Corporation

Join to view

Wake up to the reality of the real world situation and a kid with a keyboard and Internet Access

By Michael Isikoff National investigative correspondent

NBC News NBC News

updated 11/22/2010 5:52:27 AM ET 2010-11-22T10:52:27

WASHINGTON — How did a hacker in Malaysia manage to penetrate a computer network operated by the

Federal Reserve Bank of Cleveland?

And what was the same accused cybercriminal doing this summer when he allegedly tapped into the secure

computers of a large Defense Department contractor that managed systems for military transport movements

and other U.S. military operations?

Those are among the puzzling questions raised by allegations against Lin Mun Poo, a 32-year-old Malaysia

native whose case illustrates the mounting national secrets

threats posed by overseas cyber attacks, U.S. law enforcement and intelligence officials tell NBC News.

The U.S. government’s case against Poo, who is slated to be arraigned in federal court in Brooklyn on Monday,

has so far gotten little attention. But many of the allegations against him seem alarming on their face, according

to cybercrime experts. "This is scary stuff," said one U.S. law enforcement official. ( He had

what would be called a money bomb; and your firm

may have been a targeted firm as well!)

Poo was arrested by Secret Service agents last month shortly after flying into New York's John F. Kennedy

airport with a "heavily encrypted" laptop computer containing a "massive quantity of stolen financial account

data," including more than 400,000 credit card, debit card and bank account numbers, according to a letter filed

by federal prosecutors last week laying out a "factual proffer" of their evidence against Poo. [ Click here to read

the prosecutors' letter in PDF format.] (The feds got lucky this time; I would

have stayed at home and done it with American Express!)

READ THE NEXT PARAGRAPH!

He later confessed to federal agents that he had gotten the credit and bank

card data by tapping into the computer networks of "several major

international banks" and companies, and that he expected to use the data for

personal profit, either by selling it or trading it, according to the prosecutors'

letter.

Poo's court-appointed lawyer did not respond to a request from NBC News for comment.

'Impressive level of criminal activity'

But far more disturbing, according to U.S. intelligence officials and computer crime experts, was his penetration

of both a Federal Reserve network of 10 computers in Cleveland as well as the secure networks of a "major"

Defense Department contractor. According to the prosecutors' letter, the Pentagon contractor, which has not

been identified, provides system management for military transport and other "highly-sensitive military

operations."

"To have the skills to break into highly sensitive systems like that is an impressive level of criminal activity,"

said Kurt Baumgartner, a senior security researcher for Kaspersky Lab, a computer security firm.

While there is much about Poo's alleged activities that remain unexplained — including his purpose in

accessing the military contractor's computers — his case underscores the continued vulnerabilities of computer

networks that are critical to the country’s national security, U.S. intelligence experts said.

"If a guy from Malaysia can get into networks like this, you can imagine what the Chinese and Russians, the

people with real capabilities, are able to do," said one former senior U.S. intelligence official, who monitored

cyberthreats and asked for anonymity in order to speak candidly.

In fact, the penetration of sensitive national security computers by overseas hackers — many of them believed

to be state sponsored — is rapidly emerging as one of the country’s most alarming national security threats,

officials said. And the threat is not just from foreign governments and for-profit hackers. Officials have also

expressed worries that terrorist groups may be capable of the same sorts of sophisticated penetrations.

U.S. Undersecretary of Defense Bill Lynn recently disclosed in a Foreign Affairs article that the Pentagon

suffered a significant compromise of its classified military computer networks in 2008, when officials

discovered that a malicious computer code had been inserted into a U.S. military laptop at a base in the Middle

East. ( Click here to read the Foreign Affairs article, registration required.)

The flash drive's code was placed there by a "foreign intelligence agency," Lynn wrote, and quickly spread to

the classified network run by the U.S. Central Command. This in turn prompted a Pentagon operation to

neutralize the penetration, which was code-named "Buckshot Yankee," according to Lynn’s article.

"There was massive concern about that," the former U.S. intelligence official said of the 2008 penetration.

"People were freaked out."

The foreign intelligence agency was widely believed to be Russia's, the former official said. The country's

agents were attempting to "exfiltrate" data from the classified Central Command computers, but Pentagon

officials were never able to determine whether they had succeeded in doing so, the official added.

That same year, in an incident first reported by Newsweek in November and later amplified in Bob Woodward's

recent book, "Obama's Wars," Chinese hackers penetrated the campaign computers of the Barack Obama and

John McCain presidential campaigns, prompting the Bush White House to advise both camps to take

countermeasures to protect their data.

Related article: China web hijacking shows Net at risk

As Lynn presented the problem in his article, the penetrations of U.S. military data are growing "exponentially,"

one of the key reasons the Pentagon recently set up the United States Cyber Command to beef up defenses.

"Every day, U.S. military and civilian networks are probed thousands of times and scanned millions of times,"

Lynn wrote. "Adversaries have acquired thousands of files from U.S. networks and from the networks of U.S.

allies and industry partners, including weapons blueprints, operational plans and surveillance data."

So far, it is unclear whether Poo’s alleged hacking created any comparable compromise of sensitive U.S.

government data. Federal prosecutors allege that he hacked into the Federal Reserve computers in Cleveland by

transmitting "malicious" computer codes and commands and that the attack resulted in "thousands of dollars in

damages" that affected "10 or more" Federal Reserve computers.

But June Gates, a spokeswoman for the Federal Reserve in Cleveland, said the penetration was restricted to a

network of "test" computers used for checking out new software and applications and did not contain sensitive

Federal Reserve data about banks in the region. She declined, however, to respond to questions about whether

Federal Reserve officials were aware of the hacking attack when it occurred in June — or only learned about it

last month after Secret Service agents seized Poo’s computer.

Troop movements compromised?

Pentagon officials said Sunday they were unable to respond immediately to questions about whether Poo's

hacking of the contractor's computers had compromised military troop movements. But spokesman Bryan

Whitman said in an e-mailed statement to NBC News: "We are keenly aware that our networks are being

probed everyday. That's precisely why we have a very robust and layered active defense to protect our networks

and preserve our freedom of movement in this domain."

Another critical question is whether Poo was working with a larger hacking network and, if so, who may have

been a part of it. The indictment against him alleges that he acted "together with others." But the indictment

does not identify any co-conspirators. It also does not indicate what Poo expected to do with the data he may

have accessed by hacking into the Pentagon contractor computers. [ Click here to read the indictment in PDF

format.]

Baumgartner, the computer crime expert, said that so far the information about Poo hacking into military

contractor and Federal Reserve computers does not seem to square with the seemingly run-of-the-mill purpose

behind his acquisition of stolen credit card and ATM data. He was arrested hours after his arrival at JFK when

undercover Secret Service agents observed him allegedly selling stolen credit numbers for $1,000 at a diner in

Brooklyn.

"It doesn’t add up," Baumgartner said. "This doesn't fit with a profile of somebody from overseas that has

infiltrated a defense contractor and the Federal Reserve."

So far, almost nothing is known about who Poo really is, what his motivations are, and who his accomplices

might be. But Baumgartner said he believes "that there's a lot more to do this story that hasn't come out."

This not a drill; this is not Hollywood, this is reality from across the world. This is Sneakers

meets the BB&T Challenge!

Targeting BB&T offices and infrastructure

BB&T Corp

Company Description

BB&T Corporation is a financial holding company. The Company conducts its business operations mainly

through its commercial bank subsidiary, Branch Banking and Trust Company 'Branch Bank', which has offices

in North Carolina, South Carolina, Virginia, Maryland, Georgia, West Virginia, Tennessee, Ken...

BB&T Corporation is a financial holding company. The Company conducts its business operations mainly

through its commercial bank subsidiary, Branch Banking and Trust Company 'Branch Bank', which has offices

in North Carolina, South Carolina, Virginia, Maryland, Georgia, West Virginia, Tennessee, Kentucky,

Alabama, Florida, Indiana and Washington, D.C. In addition, the Company's operations consist of a federally

chartered thrift institution, BB&T Financial, FSB and several nonbank subsidiaries, which offer financial

services products. Substantially all of the loans by the Company's subsidiaries are to businesses and individuals

in these market areas. On December 12, 2008, the Company announced the acquisition of all the deposits of

Haven Trust Bank 'Haven Trust' of Duluth, Georgia through an agreement with the FDIC. During 2008, BB&T

acquired eleven insurance businesses and one nonbank financial services company. Branch Bank provides a

range of banking services to individuals and businesses and offers a variety of loans to businesses and

consumers. Such loans are made mainly to individuals residing in the market areas described above or to

businesses located within The Company's geographic footprint. Branch Bank also markets a range of deposit

services to individuals and businesses. Branch Bank offers, either directly, or through its subsidiaries, lease

financing to businesses and municipal governments; factoring; discount brokerage services, annuities and

mutual funds; life insurance, property and casualty insurance, health insurance and commercial general liability

insurance on an agency basis and through a wholesale insurance brokerage operation; insurance premium

financing; permanent financing arrangements for commercial real estate; loan servicing for third-party

investors; direct consumer finance loans to individuals; and trust services.

The direct nonbank subsidiaries of the Company provide a variety of financial services including automobile

lending, equipment financing, full-service securities brokerage, payroll processing, asset management and

capital markets services. The Company's banking operations are locally oriented and community-based. The

subsidiaries of the Company compete actively with national, regional and local financial services providers,

including banks, thrifts, securities dealers, mortgage bankers, finance companies and insurance companies. The

Company's main market area consists of North and South Carolina, Virginia, Maryland, Georgia, eastern

Tennessee, West Virginia, Kentucky, Florida and Washington, D.C. It is regulated under federal and state

banking laws and regulations.

Officers and Executives»

Name

Compensation

Officer Since

Title

Kelly S. King

1.97M

1996

CEO/CEO, Subsidiary/Chairman of the Board/Chairman of the Board, Subsidiary/Director/President

Daryl N. Bible

652,082

2009

CFO/Senior Executive VP

Cynthia B. Powell

-

2009

Chief Accounting Officer/Controller/Senior VP

Clarke R. Starnes,III

-

2000

Chief Credit Officer/Chief Risk Officer/Senior Executive VP

Christopher L. Henson

877,048

2005

COO

Or some of you new hires:

New Hires and Recent Promotions at BB&T

Scott Taylor, CPA

Vice President, LOB Strategic Finance

was Vice President, Financial Reporting and Analysis

4 months ago

Erica Cassidy

Executive Search Consultant/AVP

was Employment Consultant IV/AVP - Executive Search

2 months ago

Lori Pierce, CCSA

Audit Project Leader, AVP

was Senior Internal Auditor, AVP

3 months ago

Bill Lehmann

VP / Business Services Officer

was Regional Special Assets Officer / VP

4 months ago

Tom McFarland

IT Business Services Manager

was PMO Director

Then we have this tidbit to nibble on:

POLITICAL COMMITTEE DISCLOSURE REPORT Export data to .CSV

COVER

Committee Name Committee Type SBoE ID Report Type Period Covered

BRANCH BANK AND

TRUST NORTH CAROLINA

PAC

150 SOUTH STRATFORD

ROAD

SUITE 401

WINSTON SALEM, NC

Political Action

Committee 7100001

2001 Mid Year

Semi-Annual

From: 01/01/2001

To: 06/30/2001

Filed: 07/27/2001

27104

OFFICERS

Type Name Address

Treasurer SCOTT NULL 150 SOUTH STRATFORD ROAD, WINSTON SALEM, NC,

27104

ACCOUNTS

Name Type Address Purpose Begin

Balance

End

Balance

NC ACCOUNT -

BRANCH

BANKING &

TRUST COMPANY

Bank

Account

P. O. BOX 1290, WINSTON

SALEM, NC 27102-1290

SUMMARY

Total this Period Total this Election

Cash on Hand at Beginning $101,203.39 $101,203.39

RECEIPTS

Individuals other than Political Committees: Itemized $403.20 $403.20

Individuals other than Political Committees: Unitemized $13,219.18 $13,219.18

Individuals other than Political Committees: Total $13,622.38 $13,622.38

Political Party Committees $0.00 $0.00

Other Political Committees (such as PACs) $0.00 $0.00

Total Contributions $13,622.38 $13,622.38

Loan Proceeds $0.00 $0.00

Refunds/Reimbursements To the Committee $250.00 $250.00

Interest on Bank Accounts $0.00 $0.00

Total Receipts $13,872.38 $13,872.38

EXPENDITURES

Operating Expenditures $13,000.00 $13,000.00

Contributions to Candidates/Political Committees $14,000.00 $14,000.00

Coordinated Party Expenditures $0.00 $0.00

Loan Repayments $0.00 $0.00

Total Expenditures $27,000.00 $27,000.00

Cash on Hand at End of Reporting Period $88,075.77 $88,075.77

ADDITIONAL INFORMATION

Debts and Obligations owed BY the Committee $0.00

Debts and Obligations owed TO the Committee $0.00

RECEIPTS First Prev 1 of 1 Next Last

Date

Is

Prio

r

Name of

Contributor

and

Complete

Mailing

Receipt Type Purpos

e

Descriptio

n

Accou

nt

Code

Form

of

Payme

nt

Amount

of

Receipt

Sum To

Date

Address

06/30/200

1

Aggregated

Individual

Contribution

Individual

Contribution

$13219.1

8

$13219.1

8

01/09/200

1

ELAINE

MARSHALL

FOR

SENATE

1000 KEITH

HILLS DR

LILLINGTO

N, NC 27546

Refund/Reimbursm

ent to the

Committee

$250.00 $250.00

01/30/200

1

KELLY S

KING

SENIOR

VICE

PRESIDENT

BB&T

2530

COUNTRY

CLUB RD

WINSTON

SALEM, NC

27104

Individual

Contribution $17.20 $17.20

02/27/200

1

KELLY S

KING

SENIOR

VICE

PRESIDENT

BB&T

2530

COUNTRY

CLUB RD

WINSTON

SALEM, NC

27104

Individual

Contribution $17.20 $34.40

03/29/200

1

KELLY S

KING

SENIOR

VICE

PRESIDENT

BB&T

2530

COUNTRY

CLUB RD

Individual

Contribution $17.20 $51.60

WINSTON

SALEM, NC

27104

04/27/200

1

KELLY S

KING

SENIOR

VICE

PRESIDENT

BB&T

2530

COUNTRY

CLUB RD

WINSTON

SALEM, NC

27104

Individual

Contribution $17.20 $68.80

05/30/200

1

KELLY S

KING

SENIOR

VICE

PRESIDENT

BB&T

2530

COUNTRY

CLUB RD

WINSTON

SALEM, NC

27104

Individual

Contribution $17.20 $86.00

06/28/200

1

KELLY S

KING

SENIOR

VICE

PRESIDENT

BB&T

2530

COUNTRY

CLUB RD

WINSTON

SALEM, NC

27104

Individual

Contribution $17.20 $103.20

01/30/200

1

ROBERT F

MYERS

VP

BB&T

116 GOLDEN

BEN LN

Individual

Contribution $25.00 $25.00

CLEMMONS,

NC 27012

02/27/200

1

ROBERT F

MYERS

VP

BB&T

116 GOLDEN

BEN LN

CLEMMONS,

NC 27012

Individual

Contribution $25.00 $50.00

03/29/200

1

ROBERT F

MYERS

VP

BB&T

116 GOLDEN

BEN LN

CLEMMONS,

NC 27012

Individual

Contribution $25.00 $75.00

04/27/200

1

ROBERT F

MYERS

VP

BB&T

116 GOLDEN

BEN LN

CLEMMONS,

NC 27012

Individual

Contribution $25.00 $100.00

05/30/200

1

ROBERT F

MYERS

VP

BB&T

116 GOLDEN

BEN LN

CLEMMONS,

NC 27012

Individual

Contribution $25.00 $125.00

06/28/200

1

ROBERT F

MYERS

VP

BB&T

116 GOLDEN

BEN LN

CLEMMONS,

NC 27012

Individual

Contribution $25.00 $150.00

01/30/200

1

HENRY G

WILLIAMSO

N

CHIEF

OPERATION

S OFFICER

BB&T

4909 KNOB

VIEW CT

WINSTON

SALEM, NC

27104

Individual

Contribution $25.00 $25.00

02/27/200

1

HENRY G

WILLIAMSO

N

CHIEF

OPERATION

S OFFICER

BB&T

4909 KNOB

VIEW CT

WINSTON

SALEM, NC

27104

Individual

Contribution $25.00 $50.00

03/29/200

1

HENRY G

WILLIAMSO

N

CHIEF

OPERATION

S OFFICER

BB&T

4909 KNOB

VIEW CT

WINSTON

SALEM, NC

27104

Individual

Contribution $25.00 $75.00

04/27/200

1

HENRY G

WILLIAMSO

N

CHIEF

OPERATION

S OFFICER

BB&T

4909 KNOB

VIEW CT

WINSTON

SALEM, NC

Individual

Contribution $25.00 $100.00

27104

05/30/200

1

HENRY G

WILLIAMSO

N

CHIEF

OPERATION

S OFFICER

BB&T

4909 KNOB

VIEW CT

WINSTON

SALEM, NC

27104

Individual

Contribution $25.00 $125.00

06/28/200

1

HENRY G

WILLIAMSO

N

CHIEF

OPERATION

S OFFICER

BB&T

4909 KNOB

VIEW CT

WINSTON

SALEM, NC

27104

Individual

Contribution $25.00 $150.00

Total ALL

Receipts:

$13,872.3

8

First Prev 1 of 1 Next Last

EXPENDITURES First Prev 1 of 1 Next Last

Date

Name of Payee

and Complete

Mailing

Address

Expenditu

re Type Purpose

In-Kind

Descriptio

n

Accoun

t Code

Form

of

Payme

nt

Amount of

Expenditu

re

Sum to

Date

01/09/200

1

GNOSSOS

SOFTWARE

1625 K ST

NW/STE 1250

WASHINGTON

, DC 20006

Operating

Expense

SOFTWARE

PURCHASE $8000.00 $8000.00

04/22/200

1

GNOSSOS

SOFTWARE

1625 K ST

NW/STE 1250

WASHINGTON

, DC 20006

Operating

Expense

SOFTWARE

PURCHASE $4000.00

$12000.0

0

05/15/200

1

GREATER

RALEIGH

CHAMBER OF

COMMERCE

PO BOX 2978

RALEIGH, NC

27602

Operating

Expense

SPONSORING

LEGISLATIVE

RECEPTIONIS

T

$1000.00 $1000.00

06/26/200

1

NC BANKERS

ASSN PAC

PO BOX 19999

RALEIGH, NC

27619-1999

Contributio

n to

Candidate

or Political

Committee

CONTRIBUTIO

N $2500.00 $2500.00

03/22/200

1

NC FORUM

FOR RES &

ECON ED PAC

5 W HARGETT

ST STE 1110

RALEIGH, NC

27601

Contributio

n to

Candidate

or Political

Committee

CONTRIBUTIO

N $10000.00

$10000.0

0

05/30/200

1

THE JUSTICE

COMM

PO BOX 2277

RALEIGH, NC

27602

Contributio

n to

Candidate

or Political

Committee

CONTRIBUTIO

N $500.00 $500.00

05/30/200

1

TYSON FOR

COURT COMM

410 RAMSEY

ST STE 100

FAYETTEVILL

E, NC 28301-

4910

Contributio

n to

Candidate

or Political

Committee

CONTRIBUTIO

N $1000.00 $1000.00

Total ALL

Expenditures: $27,0

The great democratic process at work? Or is it a blueprint for disaster? If I have a basis to work with when it

comes to address of the main players in the company, then I have the keys to the kingdom.

This is just a small synopsis of the 3 Hour Tour of the

web exposure of and to your firm. Not

included were telephone network maps, information network superstructure or carries or technologies. But what

was not included is a full investigation of general information of BB&T corporate structure or investigation of

the backgrounds of employees. It is with such basic information to cajole, blackmail, force, kidnap, add

subterfuge to the mixture or any other aspect of possible criminal activities; or the ability to infiltrate YOUR

NETWORKS AND SECURITY without detection or discovery until it is too late. The thought is to provide you

with a workable, possible, logical and cost effective program for both yourselves and then pass such knowledge

onto the clients.

Thank you for your time today reading this exposé’s.

Ian A. Murphy