This report deals with how one can crack a company’s IT system. It is written from an attacker’s point of view who wants to penetrate the e-Fence company with an appropriate method. Therefore the weak points of the company are highlighted to determine in what areas the organization is vulnerable and which approach to chose. The technical and human factors in terms of weaknesses are described whereas the conclusion is drawn that there are heaps of security lacks in both areas. The technical flaws that are not removable in some cases as well as the incompetence of staff and managers pose a major threat to the entire company since the most important asset, the information, is not enough protected. As a second step the methods how to attack a company are described. The alternatives of using virus, worm and trojan horse program are emphasized and how they can enter the computer system of the organization. In most cases it is the floppy disk that carries the viral code to the nodes. But email attachments can often contain malicious code as well that can cause damage within the corporate network. In the following section the cracker’s impact on the organization is revealed. It is described how the code is brought into the company and how it is activated. Moreover it is figured out that it takes an activator, who must trigger the malicious application. The results are devastating. From erasing the local hard drive to recoding the file allocation tables those programs have the power to corrupt or even delete data on the computer. As one computer spreads the virus via the network on other computers the whole network will be infected soon. Much more damage can cause trojan horse applications. They gain the control over the victim’s computer and can log all the actions taken by the user. For instance typed passwords can be identified and sent back to the cracker. They are also capable to read, write or even delete data on the computer and can control the entire hardware of the system. As a counter measure it takes both the staff and the technical safety measures to be able to stop a cracker from doing his job. With the awareness and knowledge about security the staff is able to recognize security flaws and suspicious activities. Anti-virus scanners, firewalls, user restrictions might help to avoid being cracked by someone else.
Inhaltsverzeichnis (Table of Contents)
- 1 EXECUTIVE SUMMARY
- 2 THE WEAK POINTS OF A CORPORATION
- 2.1 TECHNICAL WEAK POINTS
- 2.2 HUMAN WEAK POINTS.
- 3 ATTACKING THE CORPORATION.
- 3.1 HOW TO CRACK THE COMPANY.
- 3.1.1 Virus
- 3.1.2 Worms..
- 3.1.3 Trojan horses
- 3.2 METHODS TO SEND VIRAL CODE INTO THE COMPANY
- 3.1 HOW TO CRACK THE COMPANY.
- 4 THE IMPACT ON A CORPORATION
- 4.1 ACTIVATING THE INFILTRATED CODE.
- 4.2 THE RESULTS EXPECTED FROM THE ACTIVATED VIRII
- 5 COUNTER MEASURES
- 6 CONCLUSIONS.
Zielsetzung und Themenschwerpunkte (Objectives and Key Themes)
This report examines the vulnerabilities of a corporation's IT system from the perspective of an attacker aiming to penetrate the company's network. It highlights weaknesses in both technical and human aspects, revealing the susceptibility of corporate information to unauthorized access. The report then delves into various methods of attack, specifically focusing on the use of viruses, worms, and Trojan horses, and explores how these malicious programs can be introduced and activated within a corporate network. Finally, the report outlines potential countermeasures to mitigate the risks posed by such attacks.
- Vulnerabilities in corporate IT systems
- Technical and human weaknesses
- Methods of attacking corporate networks
- Impact of malicious programs on corporations
- Countermeasures to enhance security
Zusammenfassung der Kapitel (Chapter Summaries)
- 1 EXECUTIVE SUMMARY: This chapter provides an overview of the report, highlighting the main objectives and key findings. It underscores the vulnerabilities of corporations to attacks on their IT systems, focusing on the combination of technical and human weaknesses.
- 2 THE WEAK POINTS OF A CORPORATION: This chapter dives into the vulnerabilities present within a corporation's IT system, examining both technical and human factors. It explores how weaknesses in security measures and user behavior can be exploited by attackers.
- 3 ATTACKING THE CORPORATION: This chapter outlines various methods used by attackers to penetrate a company's IT system. It specifically focuses on three types of malicious programs – viruses, worms, and Trojan horses – and describes how they can be introduced and spread within a network.
- 4 THE IMPACT ON A CORPORATION: This chapter examines the devastating consequences of a successful attack on a corporation's IT system. It explores how malicious programs can be activated and the potential damage they can inflict, including data loss, system disruption, and unauthorized access to confidential information.
Schlüsselwörter (Keywords)
The report focuses on the vulnerabilities of corporate IT systems, exploring various attack methods like viruses, worms, and Trojan horses. It emphasizes technical and human weaknesses, highlighting the importance of security awareness and implementation of robust countermeasures, such as anti-virus software, firewalls, and user restrictions.
- Quote paper
- Thomas Kramer (Author), 2000, Cracking a corporation's IT system, Munich, GRIN Verlag, https://www.grin.com/document/1895