RUNNING HEAD: HACKING

Hacker Target, Prevention and Response

Name:

Course:

Tutor:

Date:

Hacker Target, Prevention and Response

Introduction

With the advent of new developments frequently bringing change in the world today as well as the evolution of computer technology, there are bound to be challenges in form of crimes also associated with them. These include the access of other individuals’ or organizations’ systems through system vulnerability such as hacking or other means hence the need for proper evolution understanding. This has created a new set of problems that needs the provision of enforced security on computers, security systems and assurance on information. This can be done by effectively making students literate and aware by training and educating on how they can protect the information assets of an organization. It is important as it controls the access to computers and subsequently to systems. However the evolutions necessitate constant good practices of security and vigilance.

The information system of an organization is very vital as it contains the most complex assets of the organization in the form of information assurance. This may be data in addition to the ability to offer information. It is necessary to protect this system as any harm on it results in the damage to the organization as it affects the confidentiality of the information.

People are considered the greatest risk to security information. Therefore, as revealed in the case study provided security will be a great issue to the organization due to the risk of hacking by a terminated former employee. This is I order to prevent the unauthorized use hence misuse of the knowledge, facts, capabilities as well as data available. This is because the safety of an organization, information or computer systems cannot be provided by information systems alone. The paper will therefore analyze the targets of the terminated employee and how he can achieve them in addition to ways in which these can be prevented.

The former employee may feel wronged by the organization if terminated without will hence the need to pay back not majorly by gaining access but by causing damage to cause a Defect on Systems. Since the former employees’’ intention is to retaliate, he may hack the information system or site by breaking into computers in the effort to intrude or make the systems completely unusable. The former security clearance officer will be doing this with malicious intent in order to vandalize ah he does not have much care on the controlling system. In addition he may be in search of confidential information for his own use or spread it to others to create a negative image of the organization (Van Tongerloo, 2009). However, even if the termination was voluntary he may attempt access to the computer system in order to take the organization’s intellectual property or assets.

As former high security clearance officer in the organization, he will not need to perform extensive reconnaissance as he has some information and detailed knowledge regarding the organization’s information system. He is therefore aware of the system vulnerabilities as well as most policies and procedures used to protect the sensitive information of the organization (Purcell, 2011). He may want to modify the data by making changes to the messages or information of an organization that results in negative effects that hurt the organization. He can do this by installing sniffers to access information on transit. This is in order to gain access to the IDs and usernames applied in various areas. He can also do this through interception by use of special software. In addition, he may make use of open sharing where files are shared by becoming a root on the system and make any changes. On the other hand, the availability of the remote login without password may make it easy for him since he does not have to reenter the password regardless of the system in use (Maiwald, 2003).

He may also opt to take advantage of bad passwords by using weak passwords to gain access into the system as they can easily be guessed by making use of dial-in access. Programming flaws may also act as one of the means for hacking. This may be in the form of buffer overflows to overwhelm the target system, causing it to crash or make commands that raise the system’s privileges. Since he possesses a lot of information and contacts with other employees he may choose to use the social engineering method where one uses other human relationships to achieve his goal. This will be made easier by his knowledge of the internal activities (Dolan, 2004). In this case, he may call an employee in the organization as technical support representative asking for a certain password to correct a problem in the experienced by an employee in the system. Conversely, he may pretend to be the employee himself seeking appropriate information or feign forgetfulness and the need to change his password.

Knowing the names of the key people like the executives and new employees he may use this to access various accounts. Another method that the former employee may use to damage files, data and information is attachment of computer viruses by use of scripts to certain important programs. Alternatively, the person might find the information required from the organization’s dumping site at night. Depending on the nature of the termination, he may also have installed malicious software as ground work before leaving. Based on his intentions and methods the former employee may according to Dube be referred to as a black or targeted hacker (2008) since they cause damage to the computer system.

As the chief information security officer in the organization, I will take the necessary measures to ensure that all systems are henceforth protected during the processing, storage and transmission of data to prevent access by strangers. This will include well-developed processes and procedures to guard against threats and vulnerable exploitations such as the establishment of information security services. Additionally, security controls will be important to protect the information system from attacks related to confidentiality, integrity and also availability (Purcell, 2011). Before termination, all system access and privileges possessed by the person should be revoked at once and ensure that no property of the organization leaves the premises.

First and foremost, I will have to apply risk assessment techniques to scan the system again to identify any vulnerable points posed by the circumstances. Proper configuration of systems and techniques to programme will have to be put in place to void hacking attempts. Consequently, the significant security measures will be employed at any noticed point of vulnerability. This will include fixing of programmes to ensure that there are no flaws as illustrated by Maiwald. For example, the installation of external firewalls to avoid sharing files that are misconfigured along intrusion detection may serve as some of the protective mechanisms. In case of any root file systems such as Unix and Windows NT the default configurations need to be changed to avoid unnecessary access by creating remote access (2003). Authorized system users will also be told the need to use stronger passwords and all systems checked for default passwords will make unauthorized access easy. Additionally, the use of smart cards and biometrics may be initialized in other relevant areas. In order to prevent hacking through social engineering, training to create awareness on the employees should be conducted and the desk staff reminded on how to identify employees. Employees should also learn to identify authorized and unauthorized people in the office and how to deal with various situations. They should also be made familiar with the common techniques used in social engineering (Dolan, 2004). This is very important as this form of hacking technique is extremely powerful and gives the hacker penetration of the target completely.

So as to prevent complete loss of information, backups in form of paper files or even electronic tapes can be made. This is to counter damage by deletion and should be stored in areas with tight security. Mechanisms to identify important missing files would need to be included so as to replace them in good time. Finally methods for identification and authenticity will be put in place to ensure that users of various systems are who they really claim to be. This normally employ the use of numerical information such as devices that read fingerprints, voice prints, images or keyboards for entering passwords (Dube, 2008).

It can therefore be stated as a conclusion that the necessary information and techniques regarding the changing trends in computer technology are important. This is to make sure that all operations, confidentiality and security concerning the systems are maintained due to reliability and importance we attach to them.

References

Dolan, A. (2004, February 10). Social engineering. Retrieved May 6, 2011, from Sans Institute:

http://www.sans.org/reading_room/whitepapers/engineering/social-engineering_1365

Dube, R. (2008). Hardware-based computer security techniques to defeat hackers: from

biometrics to quantum cryptography. New Jersey: John Wiley and Sons.

Maiwald, E. (2003). Fundamentals of network security. New York: Mc Graw-Hill Professionals .

Purcell, J. (2011, May 6). Employee Management Security Controls. Retrieved May 6, 2011,

from Sans Security: http://software-security.sans.org/community/paper/cissp/employee-management-security-controls

Van Tongerloo, E. (2009, April 30). Why hackers hack. Retrieved May 6, 2011, from Helium:

Hacking: http://www.helium.com/items/216833-why-hackers-hack

RUNNING HEAD: HACKING

Hacker Target, Prevention and Response

Name:

Course:

Tutor:

Date:

Hacker Target, Prevention and Response

Introduction

With the advent of new developments frequently bringing change in the world today as well as the evolution of computer technology, there are bound to be challenges in form of crimes also associated with them. These include the access of other individuals’ or organizations’ systems through system vulnerability such as hacking or other means hence the need for proper evolution understanding. This has created a new set of problems that needs the provision of enforced security on computers, security systems and assurance on information. This can be done by effectively making students literate and aware by training and educating on how they can protect the information assets of an organization. It is important as it controls the access to computers and subsequently to systems. However the evolutions necessitate constant good practices of security and vigilance.

The information system of an organization is very vital as it contains the most complex assets of the organization in the form of information assurance. This may be data in addition to the ability to offer information. It is necessary to protect this system as any harm on it results in the damage to the organization as it affects the confidentiality of the information.

People are considered the greatest risk to security information. Therefore, as revealed in the case study provided security will be a great issue to the organization due to the risk of hacking by a terminated former employee. This is I order to prevent the unauthorized use hence misuse of the knowledge, facts, capabilities as well as data available. This is because the safety of an organization, information or computer systems cannot be provided by information systems alone. The paper will therefore analyze the targets of the terminated employee and how he can achieve them in addition to ways in which these can be prevented.

The former employee may feel wronged by the organization if terminated without will hence the need to pay back not majorly by gaining access but by causing damage to cause a Defect on Systems. Since the former employees’’ intention is to retaliate, he may hack the information system or site by breaking into computers in the effort to intrude or make the systems completely unusable. The former security clearance officer will be doing this with malicious intent in order to vandalize ah he does not have much care on the controlling system. In addition he may be in search of confidential information for his own use or spread it to others to create a negative image of the organization (Van Tongerloo, 2009). However, even if the termination was voluntary he may attempt access to the computer system in order to take the organization’s intellectual property or assets.

As former high security clearance officer in the organization, he will not need to perform extensive reconnaissance as he has some information and detailed knowledge regarding the organization’s information system. He is therefore aware of the system vulnerabilities as well as most policies and procedures used to protect the sensitive information of the organization (Purcell, 2011). He may want to modify the data by making changes to the messages or information of an organization that results in negative effects that hurt the organization. He can do this by installing sniffers to access information on transit. This is in order to gain access to the IDs and usernames applied in various areas. He can also do this through interception by use of special software. In addition, he may make use of open sharing where files are shared by becoming a root on the system and make any changes. On the other hand, the availability of the remote login without password may make it easy for him since he does not have to reenter the password regardless of the system in use (Maiwald, 2003).

He may also opt to take advantage of bad passwords by using weak passwords to gain access into the system as they can easily be guessed by making use of dial-in access. Programming flaws may also act as one of the means for hacking. This may be in the form of buffer overflows to overwhelm the target system, causing it to crash or make commands that raise the system’s privileges. Since he possesses a lot of information and contacts with other employees he may choose to use the social engineering method where one uses other human relationships to achieve his goal. This will be made easier by his knowledge of the internal activities (Dolan, 2004). In this case, he may call an employee in the organization as technical support representative asking for a certain password to correct a problem in the experienced by an employee in the system. Conversely, he may pretend to be the employee himself seeking appropriate information or feign forgetfulness and the need to change his password.

Knowing the names of the key people like the executives and new employees he may use this to access various accounts. Another method that the former employee may use to damage files, data and information is attachment of computer viruses by use of scripts to certain important programs. Alternatively, the person might find the information required from the organization’s dumping site at night. Depending on the nature of the termination, he may also have installed malicious software as ground work before leaving. Based on his intentions and methods the former employee may according to Dube be referred to as a black or targeted hacker (2008) since they cause damage to the computer system.

As the chief information security officer in the organization, I will take the necessary measures to ensure that all systems are henceforth protected during the processing, storage and transmission of data to prevent access by strangers. This will include well-developed processes and procedures to guard against threats and vulnerable exploitations such as the establishment of information security services. Additionally, security controls will be important to protect the information system from attacks related to confidentiality, integrity and also availability (Purcell, 2011). Before termination, all system access and privileges possessed by the person should be revoked at once and ensure that no property of the organization leaves the premises.

First and foremost, I will have to apply risk assessment techniques to scan the system again to identify any vulnerable points posed by the circumstances. Proper configuration of systems and techniques to programme will have to be put in place to void hacking attempts. Consequently, the significant security measures will be employed at any noticed point of vulnerability. This will include fixing of programmes to ensure that there are no flaws as illustrated by Maiwald. For example, the installation of external firewalls to avoid sharing files that are misconfigured along intrusion detection may serve as some of the protective mechanisms. In case of any root file systems such as Unix and Windows NT the default configurations need to be changed to avoid unnecessary access by creating remote access (2003). Authorized system users will also be told the need to use stronger passwords and all systems checked for default passwords will make unauthorized access easy. Additionally, the use of smart cards and biometrics may be initialized in other relevant areas. In order to prevent hacking through social engineering, training to create awareness on the employees should be conducted and the desk staff reminded on how to identify employees. Employees should also learn to identify authorized and unauthorized people in the office and how to deal with various situations. They should also be made familiar with the common techniques used in social engineering (Dolan, 2004). This is very important as this form of hacking technique is extremely powerful and gives the hacker penetration of the target completely.

So as to prevent complete loss of information, backups in form of paper files or even electronic tapes can be made. This is to counter damage by deletion and should be stored in areas with tight security. Mechanisms to identify important missing files would need to be included so as to replace them in good time. Finally methods for identification and authenticity will be put in place to ensure that users of various systems are who they really claim to be. This normally employ the use of numerical information such as devices that read fingerprints, voice prints, images or keyboards for entering passwords (Dube, 2008).

It can therefore be stated as a conclusion that the necessary information and techniques regarding the changing trends in computer technology are important. This is to make sure that all operations, confidentiality and security concerning the systems are maintained due to reliability and importance we attach to them.

References

Dolan, A. (2004, February 10). Social engineering. Retrieved May 6, 2011, from Sans Institute:

http://www.sans.org/reading_room/whitepapers/engineering/social-engineering_1365

Dube, R. (2008). Hardware-based computer security techniques to defeat hackers: from

biometrics to quantum cryptography. New Jersey: John Wiley and Sons.

Maiwald, E. (2003). Fundamentals of network security. New York: Mc Graw-Hill Professionals .

Purcell, J. (2011, May 6). Employee Management Security Controls. Retrieved May 6, 2011,

from Sans Security: http://software-security.sans.org/community/paper/cissp/employee-management-security-controls

Van Tongerloo, E. (2009, April 30). Why hackers hack. Retrieved May 6, 2011, from Helium:

Hacking: http://www.helium.com/items/216833-why-hackers-hack