Dos Attack Case Study
Memorandum
To: Mr. Bob Turley, CIO
From: Independent Member on the Board of Directors
Date: January 13, 2003
Subject: Actions Following the DoS Attack
As a result of the DoS attack earlier this morning, it is important to assess and address the upcoming actions of our company with regard to customers, procedures, security, and partners. Below I have summarized my suggestions on how to handle these issues and what needs to be done to prevent another attack from reoccurring.
Customers: Do we disclose the attack?
After weighing both the advantages and disadvantages of disclosing the attack to the public, it appears that the best course of action would be to disclose the information to the public. …show more content…
There needs to be assessment of how long the system will be down for, how much business is affected, what exactly will be done (files transmitted elsewhere, new software, and new data storage) and how it will impact the customers.
Security o Current firewalls are not secure enough to withstand some attacks—we need to invest in a better and more secure firewall to better reduce the risk of an attack occurring. o Better protection for our customers’ accounts and account numbers—this can be done via encryption which with help with protecting sensitive data such as the accounts. o Enabling detailed logging—there is not enough disk space for iPremier to have efficient logging. This is something that could help us find the hacker in a more time efficient manner as well as document evidence of the attack. o Develop a response team—for a B2C internet retailer, it is important to have a response team set up and onboard with attack issues. This will minimize the “runaround” that is received as the team will be able to initiate responses quickly and
To: Mr. Bob Turley, CIO
From: Independent Member on the Board of Directors
Date: January 13, 2003
Subject: Actions Following the DoS Attack
As a result of the DoS attack earlier this morning, it is important to assess and address the upcoming actions of our company with regard to customers, procedures, security, and partners. Below I have summarized my suggestions on how to handle these issues and what needs to be done to prevent another attack from reoccurring.
Customers: Do we disclose the attack?
After weighing both the advantages and disadvantages of disclosing the attack to the public, it appears that the best course of action would be to disclose the information to the public. …show more content…
There needs to be assessment of how long the system will be down for, how much business is affected, what exactly will be done (files transmitted elsewhere, new software, and new data storage) and how it will impact the customers.
Security o Current firewalls are not secure enough to withstand some attacks—we need to invest in a better and more secure firewall to better reduce the risk of an attack occurring. o Better protection for our customers’ accounts and account numbers—this can be done via encryption which with help with protecting sensitive data such as the accounts. o Enabling detailed logging—there is not enough disk space for iPremier to have efficient logging. This is something that could help us find the hacker in a more time efficient manner as well as document evidence of the attack. o Develop a response team—for a B2C internet retailer, it is important to have a response team set up and onboard with attack issues. This will minimize the “runaround” that is received as the team will be able to initiate responses quickly and