Late one night not long ago, George Corday, SCM’s Senior Manager of Information Systems noticed some heavier than usual traffic moving between three operational sites; Tokyo, Milan, and Tampa. As usual Tom was at his desk when the call came in; some people claimed Tom slept and ate there. Tom answered “Hello, CSO Tom Brown speaking.” George answered: “Hi Tom, have you got a minute? I noticed something odd with our net traffic and wanted you to look at it.” Tom replied with a scripted answer, the first entry in the company incident response plan, “What do you think you saw, where and at what time or times?” George gave Tom the information he had observed. A few hours later Tom called George back to give him the initial report that someone had tapped into their system and was using it to transmit data around the world. The data was embedded in some typical transactions; however, the attacker had placed a worm in the system, which apparently had the potential for causing damage well beyond the company’s system. He suggested to George that they could employ a track and trace procedure to attempt to isolate the attacker. Tom said he wanted to isolate those links in the system to prevent the attacker from launching attacks to other sites or hopefully to prevent the attacker from using their system to launch system attacks on the vendor and supply chain. Tom said he was more concerned over the ability of this worm to infiltrate their government contractors linked via VPN, which may have access to sensitive data and sites. The surprising part of the conversation turned out to be that an SCM laptop was being used to access the network. In this phone call to Tom, George OK’d the use of the track and trace system Tom had created to find the attacker and disable their ability to use SCM’s network. He wanted the identity of who had use of the laptop, and wanted to know if there was any potential for proprietary data being removed from their network of if the network was just being used as a carrier. George also informed him that he would communicate the illegal use of their network to Takio Sumi, CIO, as soon as Tom had removed the attacker’s ability to use their network.
Do you think any laws may have been violated by SCM in this investigation? Perhaps international laws?
Where are any internal procedures violated by Tom and George?
The chain of events and type of attack should have required what type of response from the two employees?
At what point in time should SCM involve their contractors, vendors, and the government agencies? What is the appropriate way to do that?
We value our customers and so we ensure that what we do is 100% original..
With us you are guaranteed of quality work done by our qualified experts.Your information and everything that you do with us is kept completely confidential.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
The Product ordered is guaranteed to be original. Orders are checked by the most advanced anti-plagiarism software in the market to assure that the Product is 100% original. The Company has a zero tolerance policy for plagiarism.Read more
The Free Revision policy is a courtesy service that the Company provides to help ensure Customer’s total satisfaction with the completed Order. To receive free revision the Company requires that the Customer provide the request within fourteen (14) days from the first completion date and within a period of thirty (30) days for dissertations.Read more
The Company is committed to protect the privacy of the Customer and it will never resell or share any of Customer’s personal information, including credit card data, with any third party. All the online transactions are processed through the secure and reliable online payment systems.Read more
By placing an order with us, you agree to the service we provide. We will endear to do all that it takes to deliver a comprehensive paper as per your requirements. We also count on your cooperation to ensure that we deliver on this mandate.Read more