Countering Computer Hacks-Sandy Suhling

394 views
265 views

Published on

INFO 644: Critical Thinking 2, a case study on a computer hack at Stellar University

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
394
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Countering Computer Hacks-Sandy Suhling

  1. 1. Countering Computer Hacks: A Case Study By Sandy Suhling
  2. 2. Computer hacking ● What is it? (Beaver, 2007) ● Who does it? (Skoudis & Liston, 2005) ● Why is it a problem?
  3. 3. Case Study: Background ● About Stellar University ● Computer security ● Corporate culture
  4. 4. Case Studies: Problems ● Computer system ○ no backup system ○ no firewall, unsecured subnet ○ server_1 naming convention ○ personnel conflicts ○ outdated server-IBM Netfinity 1999 ● Shift in Management focus ○ financial difficulties ○ all servers located at the computer center ○ reverse engineering, problems with changes ○ decision to replace server_1, action delayed
  5. 5. Case Study: What happened? ● Suspicious activity noticed by system administrator ● user ID Ken created w/ administrator rights ● Antivirus process to examine open files was disabled
  6. 6. Case Study: Immediate counter attacks ● cleaned the servers so they could be brought back up ● removed all malware that had been identified ● created password restrictions ● External vendor hired to certify the systems were completely cleaned, full functionality
  7. 7. Case Study: Long-term counter attacks ● informal post-mortem of what went wrong and why ● modified standard server configurations ● temporary password policy was made permanent ● eliminated invalid/multiple accounts ● Other possibilities were considered, but needed support from system administrators
  8. 8. Case Study: Were counter attacks adequate and effective? ● sufficient immediate counter attacks ● good use of technical controls ● formal and informal controls relatively absent from response
  9. 9. Case Study: Lessons Learned ● Communication and team work are vital ● Technical controls play an important role in preventing computer hacking ● Compromises in security (i.e. hacks and recovery) can be costly ● Education of employees is worthwhile
  10. 10. References ● Beaver, K. (2007). Hacking for dummies. Hoboken, NJ: Wiley Publishing. Retrieved from http://proquest.safaribooksonline.com.proxy.library. vcu. edu/9780470052358 ● Dhillon, G. (2007). Principles of information systems security: Text and cases. Hoboken, NJ: John Wiley & Sons. ● Skoudis, E. and Liston, T. (2005). Counter hack reloaded: A step-by-step guide to computer attacks and effective defenses. (2nd Ed.). New York, NY:Prentice Hall. Retrieved from http://proquest.safaribooksonline. com. proxy.library.vcu.edu/book/networking/security/9780131481046 ● Stock.XCHNG. (2013). Photos. http://www.sxc.hu/

×