Fbi New Haven Field Office Case Study

452 Words2 Pages

FBI New Haven Field Office- Computer Analysis and Response Team: Tracking a Computer Intruder
Kriti Paliwal
Team: CRYPTERS
1) Problems Identified:
• The Ecommerce company does not have intrusion detection system (IDS) and Intrusion Prevention Systems (IPS) in place.
• Unguarded network gateways of the company’s website.
• Directory traversal vulnerability – It allows user access to a restricted web-server file (daily order file) that resides outside of the Web server’s root directory. The root directory should prevent the unauthorised access, In this case, this vulnerability existed in BoatingCT.com’s website software WebStore version 1.0. Intruders from around the world had gained unauthorised access to the daily order file of this website and also to the customer’s order and credit card information.
2) Recommendations and supporting arguments:
…show more content…

• Appointing security specialists: In order to spot any vulnerability in the system, security specialist should be appointed which will conduct timely audits to system and also will perform mock hacking attack to identify gaps in the network, if any.
• Guarding network gateway by installing and updating proper firewalls and anti-virus: To monitor and control incoming and outgoing network traffic is also essential for BoatingCT, to make sure the company’s network is not exploited and to ensure absolute zero eavesdropping.
• Double check company’s existing softwares / processes prone to threats, against any vulnerability and make required changes: BoatingCT should make all its softwares /processes such as online payment gateways etc. checked by a security specialist to ensure that they are not vulnerable to any kind of threat and if so, make needful changes to