1 / 13

Navigating the Aftermath of a DDoS Attack: The iPremier Company Case Study

This lecture delves into a fictional representation based on real events faced by high-end retailers, focusing on the iPremier Company's experience during a Distributed Denial of Service (DDoS) attack that lasted 75 minutes. The management strategies, led by CIO Bob Turley, reveal the complexities of crisis management, communication challenges, and the balance between security and customer satisfaction. The case outlines preventive measures, technological upgrades, and the implementation of new security protocols post-attack, while addressing subsequent legal implications and the psychological impact on the company.

milos
Télécharger la présentation

Navigating the Aftermath of a DDoS Attack: The iPremier Company Case Study

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lecture 10 The iPremier Company: Denial of Service Attack

  2. Synopsis • Successful high-end retailer shut down by a distributed denial of service (DDoS) attack which occurs for 75 minutes • CIO Bob Turley coordinating from afar • Some leaders helpful, others not so helpful

  3. Case Overview • Made-up case based on real events that have happened in various companies • Considers the management perspective of a DDoS attack • These are not common, but can be significant

  4. What is a DoS attack? • Handshake between communicating computers • Can be defended if all from one recognized source • Distributed DoS more difficult to defend against

  5. What is a firewall? • Combination of hardware and software to prevent unauthorized access to company’s internal computer resources • iPremier ‘not a real firewall’ • Attack vs intrusion

  6. Crisis management • Normal human responses? • What is at stake? • What principles should be followed?

  7. How did iPremier do? • Recommendations • Before • During • After

  8. Questions, Break, Presentation

  9. Follow up info • A few hours later, iPremier announced publicly that they have been victim of DDOS attack • 75 minutes, middle of night • Few customers inconvenienced • Would revisit already solid computer security • No conclusive evidence that intruders had tampered with production computer equipment • “Fingerprint” on files had not been kept up to date, so impossible to know extent of breach

  10. Security measures instituted • Restart all production computer equipment sequentially without interrupting service to customers • File-by-file examination of every file on every production computer looking for evidence of missing data • Began study of how “digital signature technology” might be used to assure that files on production computers were the same files initially installed there • Expedited project aimed at moving to a more modern hosting facility • Modernized computing infrastructure to include more sophisticated firewall • Implemented secure shell access so that production computing equipment could be modified and managed from off site • Added disk space to enable more logging, leading to better information if this happened again • Trained more staff in use of monitoring software, and educated about security threats • Created incident-response team, practiced simulated attack • Began executive search for chief security officer • Instituted quarterly third-party security audits

  11. Follow up info • Joanne Ripley recommends disconnecting all production computers and rebuild from scratch • Estimate 24 – 36 hours to complete • Documentation there, but things can go wrong • Heated debate over this suggestion • “only way to be sure” • “irresponsible to customers to do this” – hurt satisfaction • No evidence of compromise

  12. Thoughts • Follow Ripley’s suggestion? • What should be disclosed

  13. Two weeks later… • Call from FBI • Competitor MarketTop has been subject to a DDoS attack • Source of attack is within iPremier • Now what? • Shut down all? • Legal Issues • Credit Card Info could have been stolen…

More Related