Businesses face risks of varying magnitudes in their day-to-day operations. If these risks are not curtailed, they may adversely affect an organization's business operations. To protect businesses, their personnel, and their assets so that they can keep operating during a disaster, it has become very important for businesses to develop a strategy that recognizes the threats they face. This is defined as enterprise continuity planning. In enterprise continuity planning, all potential risks to a business are defined, the way each risk affects the business is determined, and the procedures developed to safeguard the business are implemented, tested, and reviewed periodically to ensure that they are up to date. An example of enterprise continuity planning is a financial firm that keeps its files in offsite storage so that a fire at its main office cannot hinder the operations of its other branches. This essay provides an in-depth enterprise continuity planning analysis of a financial firm that has been hacked by an employee with the malicious intention of increasing his wage.
An employee gained unauthorized access to a computer system by spoofing an IP address to indicate to a computer that the information was coming from a trusted host. The employee was able to spoof the computer system because it lacked adequate protection through routers and firewalls. After gaining access, the employee found out exactly where the data was stored and how to alter it. With that information, the employee was able to increase his salary. The change was not discovered quickly, and the employee received two paychecks with the improved salary. After the discovery of the error by the organization's editor, the auditor sent emails to several individuals with the aim of explaining the suspected discrepancies in the employee's paycheck. However, the employee intercepted the emails and wrote fake responses with false promises of dealing with the issue. After constantly communicating with the auditor, the employee convinced the auditor to provide him with login credentials in order to check the paycheck and correct any errors noticed. Using the provided credentials, the employee reduced the salaries of some senior employees in order to cover the deficit that arose from the increase in his pay.
The spoofing was blamed on the lack of encryption and authentication controls for the communication used by the organization. Thus, the company installed a local public key infrastructure through a local root certificate authority to ensure that any communication from the human resource department was authenticated, preventing unauthorized access and eavesdropping. The public key infrastructure would also protect the host computers from spoofing.
The organization would have needed to develop a list of individuals to notify of any alleged unauthorized access to its system, based on their seniority in the organization and the severity of the risk. This would ensure that the more severe the risk, the more urgent the need for senior management to become aware of the problem. For example, in this case, the files in the human resource department were accessed illegally by a hacker. Any discrepancies in the organization's books could have been reported to the human resource department to check whether the unaccounted spending could be justified through either overtime or casual employees. Inability to get a clear explanation would then require the auditor to report it to the senior financial officer, who would then request the information technology (IT) department to audit its system in order to trace the cause of the suspected error in the paycheck. It is through the audit of the company's system by the IT department that the company can trace the illegal access to its servers and the files that were accessed as well as
Depending on the magnitude of the money involved, the auditor may need to escalate as far as the company president when the sum is large. All the employees whose pay was reduced by the hacker would also need to be informed of the cause of the changes in their paychecks and how the business will rectify the issue. With illegal access to the company's paychecks, the company would also have to inform its public relations team so that it is prepared in case the information leaks to the press. The employee who is suspected of hacking the company's system or benefiting from the hack would also have to be informed, but only after the case has been solved, of the possible disciplinary action the company may take against him if it is proved that he illegally accessed its confidential human resource records.
The incident could have been contained quickly by performing a quick audit of the company's system in order to identify and remove the unauthorized access credentials. Once the auditor realized that there might be something wrong with the employees' paychecks, it would have been important for him to recommend a quick system audit by the IT department to verify whether the employee records had been maliciously tampered with, whether through authorized or unauthorized access. This would confirm whether the change in the employees' paychecks was a clerical error or a hack. This could be done by informing the senior human resource manager or the financial manager through a secure means in order to authorize the audit.
When it was discovered that the auditor's emails had been intercepted and had not reached their intended destination, it would have been very important to stop all human resources communication via email until the IT department installed an encryption system that would be difficult to break. The auditor and all the staff in human resources would be advised through an internal memo to change their passwords so that any stolen passwords could not be used to access their departmental files.
The incident was caused by the spoofing of the organization's computer hosts. If these computers had been spoof-proof, the incident would not have happened. To eliminate spoofing, it would be very important for the company to authenticate and encrypt its communication channels to prevent malicious users from intercepting legitimate communication between two users of a system and altering the information in transit without the knowledge of either of the people who are supposed to be communicating.
It is important for an organization to ensure that its routers are properly configured so that the flow of forged traffic from the internet is restricted. Modern-day firewall vendors usually include a configurable anti-spoofing mechanism, which is vital for protecting private networks on their external interface. The interface facing the internet should not accept packets arriving from outside whose source addresses fall within the range used by the internal network. Rejecting source addresses that originate from outside a system's public network range can also be vital in combating spoofing of a network.
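The two router checks described above, sketched as an added example that is not part of the original essay; the interface names, the address ranges and the sample packets are constructed assumptions, and the code models the filtering decision rather than any vendor's firewall syntax.

```python
import ipaddress

# Constructed addressing plan (assumption): internal LAN plus the
# organization's public range, using private and documentation prefixes.
OWN_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/16", "203.0.113.0/24")]
# Private and reserved sources that should never arrive from the internet.
BOGON_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8")]

def _in_any(addr, nets):
    return any(addr in net for net in nets)

def check_packet(interface, src):
    """Return (verdict, reason) for a packet seen on 'external' or 'internal'."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("drop", "malformed source address")
    if interface == "external":
        # Ingress filter: nobody on the internet may claim one of our addresses.
        if _in_any(addr, OWN_NETS):
            return ("drop", "own address range arriving from outside")
        if _in_any(addr, BOGON_NETS):
            return ("drop", "private or reserved source from the internet")
        return ("accept", "plausible external source")
    if interface == "internal":
        # Egress filter: internal hosts may only send from our own ranges.
        if _in_any(addr, OWN_NETS):
            return ("accept", "source belongs to own range")
        return ("drop", "source outside the organization's range")
    return ("drop", "unknown interface")

def dropped(packets):
    """Return the (interface, src, reason) tuples that the filter rejects."""
    out = []
    for interface, src in packets:
        verdict, reason = check_packet(interface, src)
        if verdict == "drop":
            out.append((interface, src, reason))
    return out

# Constructed sample traffic: (interface the packet arrived on, claimed source).
SAMPLE = [("external", "198.51.100.7"), ("external", "10.20.4.15"),
          ("external", "192.168.1.9"), ("internal", "10.20.4.15"),
          ("internal", "198.51.100.7"), ("external", "203.0.113.10")]

if __name__ == "__main__":
    for row in dropped(SAMPLE):
        print(row)
```
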
Training employees on spoofing would also be very vital in combatting the problem. These employees could learn how to track suspicious emails and to avoid sharing confidential information such as login credentials via email. If the company had offered adequate information to its employees on spoofing, it would have been difficult for the auditor to share the access passwords with the malicious employee.
After the employee's paycheck was hacked, it was important for the company to recover its system in order to resume normal operations. Recovery of the system involved revoking all login credentials to the system and the creation of new logins by the system admin for the staff based on their departments. This would enable the system admin to deactivate and get rid of user accounts that are not necessary for the institution. It is also important for the human resource department to acquire the information that was in the database before the files were corrupted. However, in this case, only a small portion of information was edited, and it can easily be corrected by the staff in the organization's human resource department. Where large files have been edited, it would be vital for the organization to recover its data as it stood before the hack and then update it manually in order to eliminate any malicious information added by the hacker.
It is important for a system to resume operations after a hack. However, it is dangerous to continue using the system without getting rid of the malicious intruder. Depending on how much data the hacker modified, a system can either be patched up or built afresh. In most cases of hacking, not only do the hackers steal or modify information, but they also install tools that allow them to regain access to the system once you have gotten rid of them. Once a system is restored, it is very important for it to be checked for backdoors. This involves checking whether the access verification credentials or their answers were altered. Conducting a system security audit will also play a vital role in ensuring the security of the data. It is clear that the main intention of an attack on any employee's paycheck is to alter the amount of pay an individual receives by either increasing or decreasing the figure. Thus, the system can be scrutinized by closely analyzing all the employees' paychecks. This will provide clear information on the people who were targeted and allow the data to be restored to its original form. This scrutiny will determine whether the system is operational or not.
The analysis done by the IT team was not sufficient to protect the system that supports the business operations. After the human resource department of the organization was illegally accessed, the company determined that only the human resource department was at risk and ignored the other departments. A vulnerability in one department could be an indication of the vulnerability of the whole system. The vulnerability could be used to illegally access other critical company departments such as finance and sales. For example, illegal access to an organization's data can be used to steal confidential business information such as sales records, the company's technologies, and even its clients and their credit card information. This information can easily be sold on the black market to its competitors, and this may be detrimental to the operations of a business. Once a system has been compromised, it is important to analyze it in order to determine to what extent it is compromised and how the hack can be mitigated.
There are many risks that are brought about by employees in an organization. Employees with malicious intentions can easily sabotage the operations of a business by adding malware into the system even through memory sticks. While the employee allegedly spoofed the company's system, it is likely that he used a wide variety of methods to hack the human resource system. The individual worked for the organization and thus, there is a high probability that he had access to the company's hardware. This access could provide an opportunity for the individual to physically plant malicious software that could be used to steal the passwords of his peers in order to steal the information.
There is also a likelihood that the employee downloaded malware from the internet and installed it directly into the system. For example, installing Trojans on a computer system can be used to steal passwords which have been saved on the computers. With stolen passwords, the employee can access and modify any information on a system and even delete the access logs to eradicate any evidence of the hack.
One of the issues that were not addressed...