Countering Computer Hacks-Sandy Suhling
Upcoming SlideShare
Loading in...5
×
 

Countering Computer Hacks-Sandy Suhling

on

  • 221 views

INFO 644: Critical Thinking 2, a case study on a computer hack at Stellar University

INFO 644: Critical Thinking 2, a case study on a computer hack at Stellar University

Statistics

Views

Total Views
221
Views on SlideShare
221
Embed Views
0

Actions

Likes
0
Downloads
3
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Countering Computer Hacks-Sandy Suhling Countering Computer Hacks-Sandy Suhling Presentation Transcript

  • Countering Computer Hacks: A Case Study By Sandy Suhling
  • Computer hacking ● What is it? (Beaver, 2007) ● Who does it? (Skoudis & Liston, 2005) ● Why is it a problem?
  • Case Study: Background ● About Stellar University ● Computer security ● Corporate culture
  • Case Studies: Problems ● Computer system ○ no backup system ○ no firewall, unsecured subnet ○ server_1 naming convention ○ personnel conflicts ○ outdated server-IBM Netfinity 1999 ● Shift in Management focus ○ financial difficulties ○ all servers located at the computer center ○ reverse engineering, problems with changes ○ decision to replace server_1, action delayed
  • Case Study: What happened? ● Suspicious activity noticed by system administrator ● user ID Ken created w/ administrator rights ● Antivirus process to examine open files was disabled
  • Case Study: Immediate counter attacks ● cleaned the servers so they could be brought back up ● removed all malware that had been identified ● created password restrictions ● External vendor hired to certify the systems were completely cleaned, full functionality
  • Case Study: Long-term counter attacks ● informal post-mortem of what went wrong and why ● modified standard server configurations ● temporary password policy was made permanent ● eliminated invalid/multiple accounts ● Other possibilities were considered, but needed support from system administrators
  • Case Study: Were counter attacks adequate and effective? ● sufficient immediate counter attacks ● good use of technical controls ● formal and informal controls relatively absent from response
  • Case Study: Lessons Learned ● Communication and team work are vital ● Technical controls play an important role in preventing computer hacking ● Compromises in security (i.e. hacks and recovery) can be costly ● Education of employees is worthwhile
  • References ● Beaver, K. (2007). Hacking for dummies. Hoboken, NJ: Wiley Publishing. Retrieved from http://proquest.safaribooksonline.com.proxy.library. vcu. edu/9780470052358 ● Dhillon, G. (2007). Principles of information systems security: Text and cases. Hoboken, NJ: John Wiley & Sons. ● Skoudis, E. and Liston, T. (2005). Counter hack reloaded: A step-by-step guide to computer attacks and effective defenses. (2nd Ed.). New York, NY:Prentice Hall. Retrieved from http://proquest.safaribooksonline. com. proxy.library.vcu.edu/book/networking/security/9780131481046 ● Stock.XCHNG. (2013). Photos. http://www.sxc.hu/