T 5.39 Infiltrating computer systems via communication cards

A communications card (e.g. an ISDN card or an internal modem, but also an external modem) is capable of automatically receiving incoming calls. Depending on the installed communications software and its configuration, this makes it possible for callers to access the connected IT system without being detected.

An external computer can be connected as a terminal to a server via a communication card. If the user logs off after a terminal session but the line stays connected, an external computer can be used for access just like the local terminal. This allows third parties, who have access to this computer, the opportunity to try out user IDs and passwords. It is even more dangerous if the line is interrupted without the user at the local terminal being logged-off automatically. The next caller could then work with the same user ID, without any need to log on to the system Through this, he gets complete access to the IT system without any identification or authentication.