To: Mr. Lam, Manager of Grand IT Kuala Lumpur
From: Mr. Adam, IT Analyst
Subject: Field report on the virus infection within the computer system in Klang
Purpose Statement:
This is a field report on the specifics of the infection that occurred within the computer system of the Klang Office, one of the branch offices of Grand IT company, and on how the technicians there dealt with it. This report was requested on 7th February 2013.
Activities:
1. A typical Trojan XXX infection was detected by the company’s Intrusion Detection System (IDS) on 1st February 2013, at 5.30pm.
2. Mr. Johny, the chief technician of the Klang Office, reported that Trojan XXX intruded into the system when one of their staff members accidentally opened an email attachment without first performing a virus scan on it.
3. The email attachment had an ‘.exe’ extension and contained the following message – “From: [email@example.com] Subject: DHL Express Services. Please open your
“ Error in source address”
4. Mr. Johny instructed his fellow technicians not to open any email attachments received from that specific sender until the problem was solved. Their system’s network was shut down to prevent the Trojan from spreading to the entire network.
5. Technicians then conducted the trace routing process on the sender’s source address, and the sender was found to be a fraudulent spyware agency that tried to steal the customers’ credentials from the system.
6. The identified sender was then blocked from the system and reported to the authorities for further action.
1. The Trojan triggers the IDS (Intrusion Detection System) alarm and causes the company’s system to crash, thereby affecting Grand IT’s whole network of systems.
2. Customers’ legitimate services are temporarily unavailable due to the system crash and shutdown.
3. Customers complain, and urge for...