Presentation is loading. Please wait.

Presentation is loading. Please wait.

DDoS attack Turn slides

Published byCorrado Carnevale Modified over 5 years ago

Similar presentations

Presentation on theme: "DDoS attack Turn slides"— Presentation transcript:

1 DDoS attack Turn slides
These drive the incident along. Change the master slides to fit your company brand or templates This work is licensed under a Creative Commons Attribution 4.0 International License. Remember to delete this slide!

2 Gold team exercise Date| Time
Cyber Incident Gold team exercise Date| Time

3 1: Portal is down MONDAY | 11:00 am Main online portal on company website inaccessible since 11:00am. Traffic seems to be targeted Distributed Denial of Service attack on us alone. At 10:30am (before attack) sent to our FD from someone claiming to be attacker. Until ransom of $500,000 in bitcoin deposited into designated account they’ll “keep the attack up and keep (us) out of business.” IT trying to mitigate attack. Also talking to our Internet/Cloud Service Provider and external security experts. Hope to resolve the issue but it’s a sophisticated and heavy attack that could persist.

4 2: Update, portal restored
MONDAY | 3:00 pm Portal back up at 2.00 p.m. (3-hour outage). Attack continuing and changing. Customer traffic still slow. Some good traffic being dropped. IT also checking to see if there’s a network breach e.g. is this a diversion to cover another attack such as an effort to extract data? No indication it is. Noise on Twitter. Speculation we’ve been hacked, lost key data. Media seeking comment.

5 3: End of day Portal is up. Attack has stopped.
MONDAY | 6:00 pm Portal is up. Attack has stopped. Customer traffic still somewhat slow – we have monitoring in place. Customer traffic also increased – customers checking their access? Monitoring will stay in place overnight in case attack resumed.

6 4: Start of day TUESDAY | 9:00 am Attack relaunched at 08:30am. Portal was down for 15 mins. Portal now back up, customer traffic still quite high but moving normally. Media continues to cover this incident. IT say no evidence of any unauthorised network activity.

7 5: Update Portal still up. Attack has stopped.
TUESDAY | 11:30 am Portal still up. Attack has stopped. Resumption of noise on Twitter after brief outage this morning. Spike of mentions on media.

8 6: End of day / Incident end
TUESDAY | 11:30 am Portal up and normal. Attack stopped. No contact from attacker.

9 Incident Wrap-up

10 Questions Response Planning Processes Communications
External Threat Intelligence / ISP / Cloud support Ransom Bitcoins Overall

Download ppt "DDoS attack Turn slides"

Similar presentations

Arbor Multi-Layer Cloud DDoS Protection

Arbor Multi-Layer Cloud DDoS Protection
Network security policy: best practices

Network security policy: best practices
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
1 We’ve been p0wn’d? Review of 2015 Surface Transportation Cybersecurity Incidents 2015 TRB Session 850 Edward Fok USDOT/FHWA – Resource Center.

1 We’ve been p0wn’d? Review of 2015 Surface Transportation Cybersecurity Incidents 2015 TRB Session 850 Edward Fok USDOT/FHWA – Resource Center.
Protecting your site from DDoS and data breach attacks Ronan Lavelle LeaseWeb Web Application Security Group.

Protecting your site from DDoS and data breach attacks Ronan Lavelle LeaseWeb Web Application Security Group.
Mission Continuity Program Tabletop Exercise FY 2017.

Mission Continuity Program Tabletop Exercise FY 2017.
Campus wide Ticketing Tool for UC Berkeley

Campus wide Ticketing Tool for UC Berkeley
Explaining Bitcoins will be the easy part: Email Borne Attacks and How You Can Defend Against Them Karsten Chearis Sales Engineer.

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Karsten Chearis Sales Engineer.
MTI Laptop Information and FAQ’s

MTI Laptop Information and FAQ’s
Job Search: 8 Steps to Success

Job Search: 8 Steps to Success
Six Steps to Secure Access for Privileged Insiders and Vendors

Six Steps to Secure Access for Privileged Insiders and Vendors
SEARCH ENGINE OPTIMIZATION

SEARCH ENGINE OPTIMIZATION
Listening Online to Inform Campaigns

Listening Online to Inform Campaigns
Explaining Bitcoins will be the easy part: Email Borne Attacks and How You Can Defend Against Them Michael Burke.

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Michael Burke.
Real-time protection for web sites and web apps against ATTACKS

Real-time protection for web sites and web apps against ATTACKS
Introduction to a Security Intelligence Maturity Model

Introduction to a Security Intelligence Maturity Model
Six Steps to Secure Access for Privileged Insiders and Vendors

Six Steps to Secure Access for Privileged Insiders and Vendors
Explaining Bitcoins will be the easy part: Email Borne Attacks and How You Can Defend Against Them David Hood Director of Technology Marketing.

Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them David Hood Director of Technology Marketing.
WINS Monthly Meeting www2. widener. edu/wins widener

WINS Monthly Meeting www2. widener. edu/wins widener

Similar presentations

Ads by Google