Hunter Wikstrom

ITS 370

Chapter 1

 

Exercises

4. Using the Web, find a large company or government agency that is familiar to you or located in your area. Try to find the name of the chief executive officer (CEO), the CIO, and the CISO. Which was easiest to find? Which was hardest?

The Company that I chose is Best Buy. The current CEO of Best Buy is Corrie Barry who is currently under the public microscope after a recent allegation of having an affair with a former executive which is highly against company policy. Barry become the CEO after previous CEO Hubert Joly created a new position and handed the reigns of CEO over to Barry. The current CIO of Best Buy is Brian Tilzer. Not a lot of information is offered on Tilzer and how he came to be in the role. The CIO (chief information officer) oversees information technology, strategy, and implementation. Lastly the CISO of Best Buy is Adam Mishler. CISO stands for Chief information Security Officer. Mosher operates on the global level. The hardest position to find information on in this organization was the CIO while the easiest by far was the CEO of company.

 

5. Using the Web, find out more about Kevin Mitnick. What did he do? Who caught him?  Write a short summary of his activities and explain why he is infamous.

Kevin Mitnick is currently a computer security consultant and author. He was previously convicted of hacking in 1995. Mitnick started his fraud career early after figuring out how to game the LA transportation system and get free transport through dumpster diving. He later moved on the bigger things; the largest case was when Mitnick hacked into Pacific Bell voicemail computers. When a warrant was issued for his arrest he ran and become a fugitive for two and half years. He was eventually caught by the FBI on February 15, 1995 in North Carolina. While on the run Mitnick cloned cell phones to keep his location hard to track. The reason why his case is infamous is because many believed that Mitnick had punishments too harsh for his crimes. Something that is also unique is that he used social engineering rather than bypass software to gain access to the restricted information.

 

Discussion Questions

 

1. Do you think this event was caused by an insider or outsider? Explain your answer.

In this case I believe that attack came from an outsider. The reason I believe this is that the delivery method was through email and was taking advantage of those who wouldn’t take time to determine whether the email was phishing. Another reason I believe it was an outsider is that in this situation the staff that seem to be competent when it comes to IT in general all fell victim to the attack and there is very little internal gain in this situation.

 

2. Other than installing virus and worm control software, what can SLS do to prepare for the next incident? 

A big step in preparation for the next attack is training. They need to train their staff on how to properly assess emails and attachments before opening them. They also need to train their staff how to identify common signs of an infection so they can help stop it before it gets out of hand. However, the staff showed they were incompetent in this situation as they also fell victim. The whole staff needs to go through security training when it comes to using their email and other work-related software.

 

3. Do you think this attack was the result of a virus or a worm? Explain your answer.

I believe this was a computer virus. A computer worm is designed to be low key and often doesn’t give any indication that it has infected one’s computer. A worm is supposed to operate behind the scenes to give hackers access to information, add or delete files, or just replicate itself to affect computer performance. In this situation the computers were immediately affected which is typically the goal of computer virus, therefore this situation shows more computer virus properties than worm properties. IF this was a worm it would have been on the server for a long time before getting to this point, not all computers would have gone down in quick succession like in the situation though.

 

Ethical Decision Making.

 

1. Would it be ethical for Amy to open such a file?

 

It would not be ethical for Amy to open the email. In that situation Amy would be putting the company at risk by opening such an obvious bait email. Even if the email was legitimate and wasn’t riddled with viruses Amy would still be acting unethically by opening an email that would be disclosing the managers emails and SSNs.

 

2. If such an e-mail came in, what would be the best action to take?

 

When receiving an e-mail like this it is important not to open the e-mail or any attachments within it. In this case you should report the e-mail to your anti-phishing department. Or if you are in that department you should determine the origin of the e-mail to ensure that you can protect the rest of the company from receiving the same e-mail as well as alert them that they should not open the e-mail if they received it.