DoS Attack Case Study

Memorandum

To: Mr. Bob Turley, CIO

From: Independent Member on the Board of Directors

Date: January 13, 2003

Subject: Actions Following the DoS Attack

As a result of the DoS attack earlier this morning, it is important to assess and address the upcoming actions of our company with regard to customers, procedures, security, and partners. Below I have summarized my suggestions on how to handle these issues and what needs to be done to prevent another attack.

Customers: Do we disclose the attack?
After weighing both the advantages and disadvantages of disclosure, the best course of action appears to be to disclose the attack to the public.
[…]
There needs to be an assessment of how long the system will be down, how much business is affected, what exactly will be done (files transmitted elsewhere, new software, and new data storage), and how it will impact the customers.

Security

  • Current firewalls are not secure enough to withstand some attacks: we need to invest in a better and more secure firewall to reduce the risk of an attack occurring.
  • Better protection for our customers’ accounts and account numbers: this can be done via encryption, which will help protect sensitive data such as the accounts.
  • Enabling detailed logging: there is not enough disk space for iPremier to have efficient logging. Detailed logging could help us find the hacker more quickly as well as document evidence of the attack.
  • Develop a response team: for a B2C internet retailer, it is important to have a response team set up and on board with attack issues. This will minimize the “runaround” that is received, as the team will be able to initiate responses quickly and
