Retrieved from https://studentshare.org/miscellaneous/1530176-a-penetrating-analysis
The administrator had stored his admin password on his mobile phone and had left the phone unattended in his office. At that time he had not realized that his mobile had been tampered with or that anyone had retrieved the admin password and user name from it. Approximately two weeks later, a virus was uploaded to the company's server and effectively shredded all employee information. Investigations into the attack uncovered evidence from the data dump and the syslog files which indicated that the virus had been directly uploaded from within the organization by the administrator himself.
At least, the username and the password the attacker had entered to access the company's server were the administrator's. Further investigations revealed the password theft incident and identified the attacker as a disgruntled IT employee, who had just been put on notice by the administrator. The employee in question was, of course, fired and legal measures were taken against him. The employee records, after the investment of considerable effort and time by the IT department, were retrieved.
The security incident described above comprises a malicious attack whose potential for damage was significant. The attacker limited himself to uploading a virus but, alternatively, he could have retrieved company information which was of value to competitors, such as client lists and a proposal that the company was putting together, at that time, for a bid. The consequences, in other words, could have been more damaging than they ultimately were, not because the company's network security system was effective but because the attacker's goal was limited to the uploading of the virus in question.
Reflecting upon the security incident outlined above, it is apparent that the network administrator was at fault. Password information should be safeguarded as the keys to a vault are, insofar as passwords are the keys to a corporation's nerve center and their misuse has the potential to wreak tremendous damage on a corporation. The second security incident which the company confronted was much more serious and occurred as a direct consequence of a vulnerability in the Cisco router which the company had installed.
Apparently, Cisco IOS had a security hole which the company was trying to resolve through a software patch. Cisco had informed its IOS users that they would need to download and install the new software but had not mentioned the security hole. Therefore, my company and the IT department were, as was the case with the countless companies which used IOS across the world, unaware of the presence of a security hole. Many criminal hackers, however, were aware of it, and Cisco only admitted it at a much later date (Zetter, 2005).
Exploitation of this particular security hole did not mean, as the network administrator explained, that a hacker could enter the corporate network but that he/she could both tamper with the data and control the data flow. This is precisely what happened. The router password was changed, financial records were tampered with and two orders for financial transfers were sent by the Financial Director to an offshore bank