Transcript
CRITICAL THINKING TWO
By Qi’Anna Norman
CASE OF A COMPUTER HACK
WHAT HAPPENED?
At Stellar University (SU), a primarily technology-driven
school, a computer system was hacked.
The lack of communication between the configuration of
backup system portals, changes in management, a
nonexistent password policy, and human error led to “a case
of a computer hack.”
The case study focuses on the situation, what happened,
what went wrong, and the changes made to help prevent
immediate and future attacks.
SU’S COMPUTER SYSTEM
The SU computer system had many obvious flaws.
• The difference in the primary system name led to an
unsecure site being ruled operational but rejected by the networking group
Miscommunications
• The reason behind the need for the system name to
coincide with the university's domain name was never clearly communicated to technicians.
SU’S COMPUTER SYSTEM
The server was placed on an unsecure subnet with
no firewall, making the university's computer systems
vulnerable to security threats and information hacks.
The extension of a hardware warranty was not
immediately renewed, leaving the operation system
vulnerable for several days.
CHANGES
Management
• New management required the location of all
servers operated by the University to be centralized (the computer center).
• The change in location made for a new subnet to be used that was not protected by a firewall
• The centralized location was now occupied by individuals weary of their new job duties
• A lack of cohesion between the computer staff and the system administrators
MORE ISSUES
Financial restraints due to budget cuts led to
layoffs in the information system department
Due to short staffing, more work and fewer employees
led to employee frustration
THE HACK
A random file was discovered on the desktop of a system
administrator
When the system administrator logged onto the university
domain, a series of pop-up windows sprang up on his screen.
A new user ID named “Ken” was created a few weeks prior.
This new ID was not created in accordance with SU’s policy for
user names, therefore adding to the suspicion of a security
breach.
THE HACK
When an antivirus scan was attempted,
records showed that the feature had been disabled,
confirming that a hack had taken place.
IMMEDIATE RESPONSE
Disconnection of the system from the university's
network to avoid the spread of other security
breaches.
Application of the new Microsoft patch to fix the issue
HOW DID THIS HAPPEN?
It was then determined that a Trojan virus had
been placed on the server by an unknown source
IMMEDIATE COUNTERATTACK ACTIONS
Password restrictions were now required for all
users
• Password expiration dates
• Password policy was implemented
LONG-TERM COUNTERATTACK ACTIONS
The monitoring of the University's antivirus
software
The password policies were made permanent
The destruction of invalid (multiple) user accounts
RESOURCES
Dhillon, G. (2007). Principles of Information
System Security: Text and Cases. Hoboken, NJ: John
Wiley & Sons, Inc.
QUESTION
Do you think that more effort should have been
placed on finding the person responsible for the
hack?