The iPremier Company - PowerPoint PPT Presentation

1 / 12
About This Presentation
Title:

The iPremier Company

Description:

Lecture 10 The iPremier Company: Denial of Service Attack Synopsis Successful high-end retailer shut down by a distributed denial of service (DDoS) attack which ... – PowerPoint PPT presentation

Number of Views:30
Avg rating:3.0/5.0
Slides: 13
Provided by: soeUcscEd
Category:
Tags: company | ipremier | team

less

Transcript and Presenter's Notes

Title: The iPremier Company


1
Lecture 10
  • The iPremier Company
  • Denial of Service Attack

2
Synopsis
  • Successful high-end retailer shut down by a
    distributed denial of service (DDoS) attack which
    occurs for 75 minutes
  • CIO Bob Turley coordinating from afar
  • Some leaders helpful, others not so helpful

3
Case Overview
  • Made-up case based on real events that have
    happened in various companies
  • Considers the management perspective of a DDoS
    attack
  • These are not common, but can be significant

4
What is a DoS attack?
  • Handshake between communicating computers
  • Can be defended if all from one recognized source
  • Distributed DoS more difficult to defend against

5
What is a firewall?
  • Combination of hardware and software to prevent
    unauthorized access to companys internal
    computer resources
  • iPremier not a real firewall
  • Attack vs intrusion

6
Crisis management
  • Normal human responses?
  • What is at stake?
  • What principles should be followed?

7
How did iPremier do?
  • Recommendations
  • Before
  • During
  • After

8
Follow up info
  • A few hours later, iPremier announced publicly
    that they have been victim of DDOS attack
  • 75 minutes, middle of night
  • Few customers inconvenienced
  • Would revisit already solid computer security
  • No conclusive evidence that intruders had
    tampered with production computer equipment
  • Fingerprint on files had not been kept up to
    date, so impossible to know extent of breach

9
Security measures instituted
  • Restart all production computer equipment
    sequentially without interrupting service to
    customers
  • File-by-file examination of every file on every
    production computer looking for evidence of
    missing data
  • Began study of how digital signature technology
    might be used to assure that files on production
    computers were the same files initially installed
    there
  • Expedited project aimed at moving to a more
    modern hosting facility
  • Modernized computing infrastructure to include
    more sophisticated firewall
  • Implemented secure shell access so that
    production computing equipment could be modified
    and managed from off site
  • Added disk space to enable more logging, leading
    to better information if this happened again
  • Trained more staff in use of monitoring software,
    and educated about security threats
  • Created incident-response team, practiced
    simulated attack
  • Began executive search for chief security officer
  • Instituted quarterly third-party security audits

10
Follow up info
  • Joanne Ripley recommends disconnecting all
    production computers and rebuild from scratch
  • Estimate 24 36 hours to complete
  • Documentation there, but things can go wrong
  • Heated debate over this suggestion
  • only way to be sure
  • irresponsible to customers to do this hurt
    satisfaction
  • No evidence of compromise

11
Thoughts
  • Follow Ripleys suggestion?
  • What should be disclosed

12
Two weeks later
  • Call from FBI
  • Competitor MarketTop has been subject to a DDoS
    attack
  • Source of attack is within iPremier
  • Now what?
  • Shut down all?
  • Legal Issues
  • Credit Card Info could have been stolen
Write a Comment
User Comments (0)
About PowerShow.com