Attcking a secure network





The information and communication systems in the organizational IT systems is essential for the success of the organization. The efficiency and reliability of the IT systems in safeguarding the information may be used as an indicator of the performance. The breach of information security may lead to loss of competitive advantage as well as other benefits with the organizational field. Therefore, the IT managers, in collaboration with the overall organizational management, should deploy all the possible measures in an attempt to maintain the security for the information. The organizational information security mainly breaches through the approaches of system hacking and therefore compromising the information. The organizational employees may be facilitators of hacking of the systems by leaking out necessary credentials that may be used in the system hacking either voluntarily for their benefits or by being deceived without consent. Therefore, despite the security measures established in the given systems, hacking may be executed successfully.

My current workplace, which is an insurance company, has been experiencing defects in its service delivery due to the highly competitive levels exhibited by a particular other insurance company in the same town. In this case, being one of the best IT experts for the company, we have always been linked to the challenge. Despite deploying various measures such as offering essential facilities to all the departments, the management still feels that the IT department is letting them down. Therefore, a directive is laid to carry out a hacking exercise over our rival's systems to extract the various essentials details and approaches that might become essential for addressing the situation in our organization. This may involve the hacking to acquire access to their sales and marketing platforms as well as other platforms in order to realize the unique approaches being put in place to be at a higher level. Therefore, assimilating similar approaches to our organizational field would reduce the defects being experienced and try our competitor down (Younis, 2019, March).

Being appointed by the IT manager to carry on with the hacking exercise, I should understand that various issues will help deliver a successful hacking process. Therefore, I would deploy the approach of social engineering and phishing in carrying the hacking towards success. By coincidence, one of the workers under the IT department of the target rival competitors is my friend, and hence this accrues an added advantage to my operations. This was the time to reinforce our friendship, so am I could apply the various approaches in deceiving him to release the credentials over their systems to me. I would tend to use the texts, emails, calls, and other social media platforms such as WhatsApp and Facebook accounts to execute my mission. Under Facebook accounts for the target organization as well as its employees, there could be a possibility of unconsciously posting insightful information with information based on the credentials needed.

I would also ensure that we get used to each other in order to gain trust and create a possible chance of revealing all the work details. Through texting, I would first have to survey the routine and determining the right time to text based on urgency matters that may make him deliver need credentials unaware. Consequently, though the use of emails as a social engineering tool, I would request to be sent various business information that I would then use to impassionate the company. I would also tend to pretend to be a senior company’s manager by choosing and sending false email requests to various employees while faking the presence of a critical incident that requires emergence attendance. In this case, I would still have to request support from my fellow experts in the IT department to deliver the most efficient process (Pham, 2019). Through the phishing emails, as a smart hacker, I would send fake emails to the organization and expect the appropriate response regarding the organizational credentials that would then support the hacking process.

Consequently, using the malware-injecting device, it would become much more manageable. This case would be highly supported by the strong relationship between the friend at the target’s field and me. In this case, I would be able to design a plan and delivered the USB that is coded, and immediately it gets inserted into a given computer. It will be much easier to acquire information. The approach of the missing security patches would be an added advantage in leveraging the efficiency of the malware devices. The weakened systems would be highly essential for supporting data extraction using the USB. This would also be highly essential since there are very few maintenance approaches that have been established. An overall structure of the information and the related credentials for hacking is now available using the malware devices that have already been inserted in the organizational systems. In this case, it is possible to carry out the hacking under my place of work. I would create links that I would then send to the spot in the company, and thus downloading the link now generates various credentials. Additionally, using the keylogging approach, the target workers would be able to access the created sites created in false approaches, and as they continue feeding their credentials, their information is leaked out (Kemell, 2019, August)

           Conclusively, the organizational, managerial units should be extra keen in promoting the adherence to the set standards, especially under the IT department's failure to which the security of the organization's networks is continually at risk. Therefore, we should be extra keen on handling the medial social entities, for instance, downloading and following links without the consent of what is held within the link. The work issues should not be combined with friendship matters to save the security of organizational information. The password management tools over the network systems should be extensively applied in the organizational systems due to its potential to deliver lengthy and more secure passwords in the various organizations.


Kemell, K. K., Feshchenko, P., Himmanen, J., Hossain, A., Jameel, F., Puca, R. L., ... & Sorvisto, A. (2019, August). Software startup education: gamifying growth hacking. In Proceedings of the 2nd ACM SIGSOFT International Workshop on Software-Intensive Business: Start-ups, Platforms, and Ecosystems (pp. 25-30).

Pham, D. P., Vu, D. L., & Massacci, F. (2019). Mac-A-Mal: macOS malware analysis framework resistant to anti evasion techniques. Journal of Computer Virology and Hacking Techniques, 15(4), 249-257.

Younis, Y. A., Kifayat, K., Topham, L., Shi, Q., & Askwith, B. (2019, March). Teaching Ethical Hacking: Evaluating Students’ Levels of Achievements and Motivations. In International Conference on Technical Sciences (ICST2019) (Vol. 6, p. 04).