Imagine for a moment that you are a hacker, an ethical one. You are called upon by law enforcement to hack into the network of a business known to be engaged in criminal activity for financial gain as its primary activity. Assume you are not to be concerned with any political aspects of the job and that your actions are legal and ethically justified.
This nefarious business takes its own security seriously and, therefore, has implemented several forms of network security, including firewalls, web proxies for its web gateways, and VPNs for remote users. You also know that this business, much like any normal corporation, rents several floors of office space to accommodate between 100 and 200 employees. Also, imagine that the business’s entire network topology is located on-site. Your goal is to infiltrate their security to find evidence of illegal activities in the local MSQL database. You must remain anonymous and operate within the parameters of the law.
Explain your method of attack and operation within the reasonable parameters of the law, citing specific, credible sources that support the method of attack and operation.
Describe a specific malware, social engineering, or other type of attack you would deploy to achieve your desired goals, citing specific, credible sources that support deployment of the attack.
Identify effective techniques for concealing executables and specific tools used for each stage of the attack.
Develop a plan to overcome expected hurdles your attack must overcome to be successful, citing specific, credible sources that support the plan.
Develop an anonymizing strategy, supported by specific, credible sources, that creates a false trail and minimizes the risk of detection.
Cite each source listed on your source page at least one time within your assignment.
