The iPremier Company: Denial of Service Attack

Slides:



Advertisements
Similar presentations
Presented by Nikita Shah 5th IT ( )
Advertisements

Page 1 Organize for Success IST Organization Design January, 2013 MALCOLM BERNSTEIN CONSULTING.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
iPremier(A) Denial of Service Attack – Case Study Presentation
Guide to Computer Forensics and Investigations1 Network Forensics Overview Network forensics –Systematic tracking of incoming and outgoing traffic To ascertain.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Information Systems Audit Program. Benefit Audit programs are necessary to perform an effective and efficient audit. Audit programs are essentially checklists.
Access Control Chapter 3 Part 5 Pages 248 to 252.
The iPremier Company, Inc.
Management’s Role in Information Security V.T. Raja, Ph.D., Oregon State University.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Exam ● On May 15, at 10:30am in this room ● Two hour exam ● Open Notes ● Will mostly cover material since Exam 2 ● No, You may not take it early.
Business Data Communications, Fourth Edition Chapter 10: Network Security.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Applied Cryptography for Network Security
Lecture 11 Reliability and Security in IT infrastructure.
Web server security Dr Jim Briggs WEBP security1.
Presented by C.SARITHA ( 07R91A0568) INTRUSION DETECTION SYSYTEM.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
Network security policy: best practices
Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
Overview of Systems Audit
“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
Computer & Network Security
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Change and Patch Management Controls
Security in ERP Systems By Jason Rhodewalt & Marcel Gibson.
Knowing What You Missed Forensic Techniques for Investigating Network Traffic.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
 It is a branch of FORENSIC SCIENCE for legal evidence found in computer  It refers to detail investigation of the computers to carry out required tasks.
CHAPTER 9 HARDENING SERVERS. C REATING A BASELINE POLICY Security parameters used to create a baseline installation can be configured using a Group Policy.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.
Investigating Sophisticated Security Breaches Digital Forensics has proven tough in the age of sophisticated Intruders.
Information Security in Distributed Systems Distributed Systems1.
INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used? Tripwire.
Security in Cloud Computing Zac Douglass Chris Kahn.
IT Security Policy: Case Study March 2008 Copyright , All Rights Reserved.
Security Vulnerabilities in A Virtual Environment
Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
Intrusion Detection Systems Paper written detailing importance of audit data in detecting misuse + user behavior 1984-SRI int’l develop method of.
INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.
Information Security: Current Threats Marc Scarborough Information Security Officer
Lecture 15 Page 1 CS 236 Online Evaluating Running Systems Evaluating system security requires knowing what’s going on Many steps are necessary for a full.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Physical Security Concerns for LAN Management By: Derek McQuillen.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
By: Brett Belin. Used to be only tackled by highly trained professionals As the internet grew, more and more people became familiar with securing a network.
Onsite CRM Security
Responding to Intrusions
Unfortunately, any small business could face the risk of a data breach or cyber attack. Regardless of how big or small your business is, if your data,
Cyber Issues Facing Medical Practice Managers
TRIP WIRE INTRUSION DETECTION SYSYTEM Presented by.
INFORMATION SYSTEMS SECURITY and CONTROL
The iPremier Company: Denial of Service Attack
The Survival Plan.
Presentation transcript:

The iPremier Company: Denial of Service Attack Lecture 10 The iPremier Company: Denial of Service Attack

Synopsis Successful high-end retailer shut down by a distributed denial of service (DDoS) attack which occurs for 75 minutes CIO Bob Turley coordinating from afar Some leaders helpful, others not so helpful

Case Overview Made-up case based on real events that have happened in various companies Considers the management perspective of a DDoS attack These are not common, but can be significant

What is a DoS attack? Handshake between communicating computers Can be defended if all from one recognized source Distributed DoS more difficult to defend against

What is a firewall? Combination of hardware and software to prevent unauthorized access to company’s internal computer resources iPremier ‘not a real firewall’ Attack vs intrusion

Crisis management Normal human responses? What is at stake? What principles should be followed?

How did iPremier do? Recommendations Before During After

Follow up info A few hours later, iPremier announced publicly that they have been victim of DDOS attack 75 minutes, middle of night Few customers inconvenienced Would revisit already solid computer security No conclusive evidence that intruders had tampered with production computer equipment “Fingerprint” on files had not been kept up to date, so impossible to know extent of breach

Security measures instituted Restart all production computer equipment sequentially without interrupting service to customers File-by-file examination of every file on every production computer looking for evidence of missing data Began study of how “digital signature technology” might be used to assure that files on production computers were the same files initially installed there Expedited project aimed at moving to a more modern hosting facility Modernized computing infrastructure to include more sophisticated firewall Implemented secure shell access so that production computing equipment could be modified and managed from off site Added disk space to enable more logging, leading to better information if this happened again Trained more staff in use of monitoring software, and educated about security threats Created incident-response team, practiced simulated attack Began executive search for chief security officer Instituted quarterly third-party security audits

Follow up info Joanne Ripley recommends disconnecting all production computers and rebuild from scratch Estimate 24 – 36 hours to complete Documentation there, but things can go wrong Heated debate over this suggestion “only way to be sure” “irresponsible to customers to do this” – hurt satisfaction No evidence of compromise

Thoughts Follow Ripley’s suggestion? What should be disclosed

Two weeks later… Call from FBI Now what? Competitor MarketTop has been subject to a DDoS attack Source of attack is within iPremier Now what? Shut down all? Legal Issues Credit Card Info could have been stolen…

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.