When U.S. Leasing (USL) computers began acting sluggishly, computer operators were relieved when a software troubleshooter from IBM called. When he offered to correct the problem they were having, he was given a log-on ID and password. The next morning, the computers were worse. A call to IBM confirmed USL’s suspicion: Someone had impersonated an IBM repairman to gain unauthorized access to the system and destroy the database. USL was also concerned that the intruder had devised a program that would let him get back into the system even after all the passwords were changed.

a. What techniques might the impostor have employed to breach USL’s internal security?
b. What could USL do to avoid these types of incidents in the future?

  • CreatedDecember 19, 2014
  • Files Included
Post your question