Quick Assignment Help
SEC 440 Week 3 You Decide Scenario The infectious company, Grocery Stores, Inc.
SEC 440 Week 3 You Decide Scenario The infectious company, Grocery Stores, Inc. has just been breached by what was first thought to be a remote attacker who infected the supermarket chain with a server based malware program. However, after a security assessment was performed, it was confirmed that it was an inside job. Apparently, a new and sophisticated plan was developed by a disgruntled employee. The attacker slipped malware onto servers at all of the company’s 200 grocery stores. The malware appears to have snatched card data from customers as they swiped their credit cards through the checkout counter machine and transferred the card data overseas. Role You’ve been hired as an information security administrator for Grocery Stores, Inc. Your duty is to assess the situation and determine the best course of action to take to ensure that the security breach is contained and eradicated. You will need to interview key staff members and decide how which member(s) can best assist you in eliminating this risk. Players Douglas Smith Vice President Information Technologies The fact that the malware was not the ordinary kind of key logger program that might capture keyboard presses as a customer logs into their online bank account, but was instead software programmed to lift credit card data as it was being transmitted to the servers at Grocery Stores, Inc, suggests that the malware program had to be written specifically to target our stores and deployed from inside the company network. It seems almost too much of a coincidence to believe that remote hackers would have a chance to infect every server with the appropriate malware by using traditional security flaws such as a misconfigured firewall, or even an out-of-date antivirus application. We have over 20 network administrators throughout multiple branch offices and satellite locations. Security was set up so that each network administrator had the same security access and privileges to each location. In hindsight, I believe that while having redundant or equal security privileges for all network administrators can be a good thing; it can also be a major security hole. That is because the administrators have access to the entire system and not just their local area network.
