As you know, C-Bay acquired that firm in Chicago two weeks ago, and we’ve already started having security problems there. The help desk staff has been fielding issues non-stop since we took over, and some of us suspect there’s a hacker on the loose.

I’ve asked the help desk gang to send you information about any incidents [see 4.1: Incidents] that seem suspicious so that you can help us track down this guy or these guys (hate to sound sexist, but hackers do tend to be men).

For each incident, send me a report based on the form you used to report incidents in the network earlier in the project. Include notes for the help desk team advising them how to respond to the user who’s noted the problem (or any other users who need to know as well). And be sure to note any areas of the security policy that should be reconsidered to hedge against repeat incidents.

I’m attaching a diagram of the Chicago network topology and some notes about it in case you need them.

In about two weeks, we’ll review all the incidents and see if we can put together a profile of a single hacker, or a group of them, or whatever’s going wrong with the network.

Good luck!

IT Director