The iPremier Company: Denial of Service Attack

Slides:



Advertisements
Similar presentations
Presented by Nikita Shah 5th IT ( )
Advertisements

Page 1 Organize for Success IST Organization Design January, 2013 MALCOLM BERNSTEIN CONSULTING.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
iPremier(A) Denial of Service Attack – Case Study Presentation
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
Information Systems Audit Program. Benefit Audit programs are necessary to perform an effective and efficient audit. Audit programs are essentially checklists.
Organisational policies
Recovering from an Attack Version 0.1 March, 2003 Bill Woodcock Packet Clearing House.
The iPremier Company, Inc.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.
Applied Cryptography for Network Security
Lecture 11 Reliability and Security in IT infrastructure.
The iPremier Company: Denial of Service Attack
Presented by C.SARITHA ( 07R91A0568) INTRUSION DETECTION SYSYTEM.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Network security policy: best practices
Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Change and Patch Management Controls
1 Chapter Nine Conducting the IT Audit Lecture Outline Audit Standards IT Audit Life Cycle Four Main Types of IT Audits Using COBIT to Perform an Audit.
Note1 (Admi1) Overview of administering security.
Chapter 8 Managing Operations. Key Points in Chapter 8 Outsourcing IS Functions Outsourcing IS Functions Security in the Internet Age Security in the.
Security in ERP Systems By Jason Rhodewalt & Marcel Gibson.
Knowing What You Missed Forensic Techniques for Investigating Network Traffic.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
 It is a branch of FORENSIC SCIENCE for legal evidence found in computer  It refers to detail investigation of the computers to carry out required tasks.
CHAPTER 9 HARDENING SERVERS. C REATING A BASELINE POLICY Security parameters used to create a baseline installation can be configured using a Group Policy.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.
Information Security in Distributed Systems Distributed Systems1.
INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used? Tripwire.
IT Security Policy: Case Study March 2008 Copyright , All Rights Reserved.
Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
Intrusion Detection Systems Paper written detailing importance of audit data in detecting misuse + user behavior 1984-SRI int’l develop method of.
CHAPTER 2 Laws of Security. Introduction Laws of security enable user make the judgment about the security of a system. Some of the “laws” are not really.
INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.
Information Security: Current Threats Marc Scarborough Information Security Officer
Chapter 3-Auditing Computer-based Information Systems.
Physical Security Concerns for LAN Management By: Derek McQuillen.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
Lecture 1 Introduction Dr. nermin hamza 1. Aim of Course Overview Cryptography Symmetric and Asymmetric Key management Researches topics 2.
Data Breach ALICAP, the District Insurance Provider, is Now Offering Data Breach Coverage as Part of Our Blanket Coverage Package 1.
Onsite CRM Security
Chapter 9 Intruders.
Responding to Intrusions
Chapter 5 Electronic Commerce | Security
Understand Core Security Principles
Unfortunately, any small business could face the risk of a data breach or cyber attack. Regardless of how big or small your business is, if your data,
Cyber Issues Facing Medical Practice Managers
Chapter 5 Electronic Commerce | Security
TRIP WIRE INTRUSION DETECTION SYSYTEM Presented by.
INFORMATION SYSTEMS SECURITY and CONTROL
Chapter 9 Intruders.
Faculty of Science IT Department By Raz Dara MA.
Computer Security By: Muhammed Anwar.
The Survival Plan.
Security in Cloud Computing
Cryptography and Network Security
Presentation transcript:

The iPremier Company: Denial of Service Attack Lecture 10 The iPremier Company: Denial of Service Attack

Synopsis Successful high-end retailer shut down by a distributed denial of service (DDoS) attack which occurs for 75 minutes CIO Bob Turley coordinating from afar Some leaders helpful, others not so helpful

Case Overview Made-up case based on real events that have happened in various companies Considers the management perspective of a DDoS attack These are not common, but can be significant

What is a DoS attack? Handshake between communicating computers Can be defended if all from one recognized source Distributed DoS more difficult to defend against

What is a firewall? Combination of hardware and software to prevent unauthorized access to company’s internal computer resources iPremier ‘not a real firewall’ Attack vs intrusion

Crisis management Normal human responses? What is at stake? What principles should be followed?

How did iPremier do? Recommendations Before During After

Follow up info A few hours later, iPremier announced publicly that they have been victim of DDOS attack 75 minutes, middle of night Few customers inconvenienced Would revisit already solid computer security No conclusive evidence that intruders had tampered with production computer equipment “Fingerprint” on files had not been kept up to date, so impossible to know extent of breach

Security measures instituted Restart all production computer equipment sequentially without interrupting service to customers File-by-file examination of every file on every production computer looking for evidence of missing data Began study of how “digital signature technology” might be used to assure that files on production computers were the same files initially installed there Expedited project aimed at moving to a more modern hosting facility Modernized computing infrastructure to include more sophisticated firewall Implemented secure shell access so that production computing equipment could be modified and managed from off site Added disk space to enable more logging, leading to better information if this happened again Trained more staff in use of monitoring software, and educated about security threats Created incident-response team, practiced simulated attack Began executive search for chief security officer Instituted quarterly third-party security audits

Follow up info Joanne Ripley recommends disconnecting all production computers and rebuild from scratch Estimate 24 – 36 hours to complete Documentation there, but things can go wrong Heated debate over this suggestion “only way to be sure” “irresponsible to customers to do this” – hurt satisfaction No evidence of compromise

Thoughts Follow Ripley’s suggestion? What should be disclosed

Two weeks later… Call from FBI Now what? Competitor MarketTop has been subject to a DDoS attack Source of attack is within iPremier Now what? Shut down all? Legal Issues Credit Card Info could have been stolen…

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.