Fxt2 Task 2

1832 Words8 Pages
A1. The Nature of the incident was that an employee was able to hack into the computer system and gain access to the financial payroll system, human resources and even email system. This employee used several methods in order to gain access into the system: IP spoofing, Data modification, Man in the middle attack and compromised-key attack. As a result the employee was able to tamper with payroll system. An auditor discovered the discrepancies and tried to make upper management aware of the situation through email, but the email was intercepted by the hacker. The hacker impersonated an employee and persuaded the auditor into granting him more access into the system which resulted in additional sabotage into the payroll system. Hacker…show more content…
Immediately bring down any affected systems shut them down and power down switches and/or routers to entire segment that were hacked. The servers that were hacked need to be immediately reset meaning passwords, backup system and its applications. But before doing this to any system the company should take an image of the affected systems for forensic investigation, this will be the evidence against the hacker. Virus software needs to be run as soon as possible and security patches need to be installed on the entire company’s network system. The computers that were hacked need to be shut down and retrieve specially the one from the employee that hacked the system. Reroute network traffic to back up servers. This will help the company to minimalize the incident from reoccurring. The company should also remove/reset accounts and/or backdoors left on hacked systems. A4. How the factor that caused the incident could be removed? The company must ensure that proper steps were taken to remove all affects systems from the network. Ensure that systems were reimaged and passwords reset. Latest virus definitions need to be updated along with all security patches in order to fix any vulnerability that was exploited by the hacker. Unused services should also be disabled in order to harden the system against any future attacks. All of the affected computers should also have been reimaged. The company might need to reiterate

More about Fxt2 Task 2

Get Access