...FXT2 Task 2 Follow-Up re: Human Resources Data Modification 1. Identify areas that were not addressed by the IT staff’s response to the incident. Based on the narrative, the only corrective measure the company implemented was PKI. As noted in the original evaluation, several areas need to be addressed: * Climate/culture of the organization * Employee training for social engineering attacks * Positive identification of employees when granting role-based access * Vulnerabilities within and without the network, specifically to sniffers and eavesdropping * The ease with which the employee changed his pay rate, indicating a single system used for HR profiles rather than segregated duties & systems * The PKI that was installed only addressed the HR system, rather than the entire organization Honestly, the whole environment at this company needs a complete evaluation and overhaul! 2. Outline the other attacks mentioned in the scenario that were not noticed by the organization. * Social Engineering * Sniffing/Eavesdropping * Unauthorized Privilege Escalation * Network Penetration * Spoofing a. Describe the nature of the attacks not noticed by the organization. By “the nature of the attacks” I interpret this to mean the source of the attacks, or the skillset required to carry out the attacks. I believe this employee was tenured based on their ability to: * Hack into the HR system * Successfully intercept the email from...
Words: 801 - Pages: 4
...ENTERPRISE CONTINUITY PLANNING Responding to Attacks and Special Circumstances Continued Assessments During a Disaster By Charles Paddock FXT2 – Task 2 November 5th, 2012 A. Perform a post event evaluation of how the organization’s IT staff responded to the attack described in the scenario by doing the following: 1. Describe the nature of the incident. The nature of the incident was that an internal employee successfully hacked into the human resources, payroll and electronic mail systems. The employee was then able to manipulate payroll data, intercept emails and impersonate staff through electronic means. There were a number of techniques used in this attack such as network eavesdropping, IP spoofing, social engineering, man in the middle, and escalation of access privileges. All of these types of attacks are consistent with an experienced hacker who knew what he was after. The incident was only discover because of an auditor reviewing the records and noticed the changes. When the auditor notified management of the discrepancies via email his emails were intercepted and the hacker negotiated higher access privileges by posing as management and IT Staff. 2. Identify who needs to be notified based on the type and severity of the incident. The first call should be to the Security and IT teams to secretly verify the attack and prevent further escalation. In the case where you believe we have been hacked and you do not know the extent of the...
Words: 1283 - Pages: 6
...------------------------------------------------- ENTERPRISE CONTINUITY PLANNING FXT2 TASK 2 November 10, 2015 chrystal kimbrough WGU November 10, 2015 chrystal kimbrough WGU EXPLANATION SUMMARY ENTERPRISE CONTINUITY PLANNING A company’s worst fear came to fruition when an employee hacked into his own records on the human resource system and was successful in modifying their own records. The employee gave himself an increase in pay by increase his base salary rate. The employee had success in performing this crime by spoofing an IP address, allowing their self the ability to eavesdrop on the network. By spoofing the specific IP address, the employee was able to find the location of the data and successfully modified it for their gain. After the fact, the employee received two paychecks containing the fraudulent salary. An auditor, who was effectively performing their job duties, became aware of the fraudulent acts of the employee, and thus sent an email to several pertinent individuals within the organization making them aware of the situation and that there is potentially a discretion with the employee’s paycheck. Probably on the “look-out” for reaction from their errant ways, the employee somehow was able to intercept the emails that were intended for the original recipients. The employee then created falsified responses, posing them to seem as if they were coming from the intended individuals that the original email was sent to. This exchange went on back and...
Words: 3197 - Pages: 13
