STUDENT ID: A00984599
Email: [email protected]
Assignment of week 1
Online websites and businesses face several security threats from hackers who aim to vandalize the website, steal information or, at times, notify the company about weaknesses in its internet security. These threats include malicious code, bots and botnets, phishing, and DDoS (Distributed Denial of Service) attacks (Laudon K., Traver C., (2010)). iPremier, an online business, faced one of these threats, the DDoS attack. iPremier is a successful online retailer of luxury, rare and vintage goods (Austin, R., (July 26, 2007)). The DDoS attack begins with the hacker distributing bots to several computers and making these computers botnets (Laudon K., Traver C., (2010)). A botnet is a computer that is controlled by a hacker to perform activities such as participating in a DDoS attack (Laudon K., Traver C., (2010)). The hacker uses these botnets, or controlled computers, to flood a server with unwanted requests, which slows or shuts down the server’s operations (Laudon K., Traver C., (2010)). This can be costly to an online business because customers won’t be able to access the website. It can also affect the firm’s reputation if the website stays down for long. However, these attacks can also reveal to a company the weak points in its internet security and infrastructure.
The CIO, Bob Turley, was in New York when an employee called to inform him that the website was not working and that they had been receiving numerous emails that said “Ha” (Austin, R., (July 26, 2007)). The CIO called Joanne, the technical operations team leader, to discuss the situation, but she was still on her way to Qdata, where the company’s servers are located, and did not know what was going on (Austin, R., (July 26, 2007)). She suspected that the activity was caused by a hacker, and the sender of the email was unknown and hard to track (Austin, R., (July 26, 2007)). Unfortunately, their emergency plan was outdated and they couldn’t remember where the document was kept (Austin, R., (July 26, 2007)). A suggestion was made to call the police or the FBI, but they were concerned about negative publicity (Austin, R., (July 26, 2007)). After a while the CIO called the CTO to get his opinion on the matter (Austin, R., (July 26, 2007)). The CTO rejected the idea of pulling the plug because information on the attack might be lost (Austin, R., (July 26, 2007)). The CEO mentioned that detailed logging was not enabled, so the logs wouldn’t provide them with much information (Austin, R., (July 26, 2007)). The legal counsel also called to provide legal advice on the matter and told the CIO to pull the plug to protect credit card information (Austin, R., (July 26, 2007)). After Joanne arrived at Qdata she wasn’t able to access the NOC for security reasons (Austin, R., (July 26, 2007)). The CEO called a senior person at Qdata and Joanne was allowed access to the NOC (Austin, R., (July 26, 2007)). She discovered that the attack was directed at their firewall and was coming from multiple IP addresses (Austin, R., (July 26, 2007)). She tried to shut down traffic from the IP addresses, but it didn’t work because whenever one IP address was shut down another one started up, and so on (Austin, R., (July 26, 2007)).
The main concern was that customer information was not jeopardized or stolen (Austin, R., (July 26, 2007)). At 5:46 AM the attack stopped, and Joanne suggested that they do a thorough audit to be sure that customer information had not been stolen and to identify the points of weakness (Austin, R., (July 26, 2007)).
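The failure described above, where blocking one source address only made room for another, can be shown on a small log sample. The following is an added example, not taken from the case study or the cited sources; the log format, the thresholds and the addresses (documentation ranges) are constructed assumptions. It flags a flood by its aggregate rate rather than by any single source, and counts how much traffic still gets through a block-after-the-fact list when sources rotate.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed (second, source_ip) events standing in for firewall log entries."""
    events = []
    for t in range(20):                       # 3 regular clients, 1 request/s each
        events += [(t, f"198.51.100.{h}") for h in (1, 2, 3)]
    for t in range(10, 20):                   # flood: 20 sources x 5 requests/s,
        base = ((t - 10) // 2) * 20           # replaced by 20 new sources every 2 s
        for k in range(base + 1, base + 21):
            events += [(t, f"203.0.113.{k}")] * 5
    return events

def per_second(events):
    """Group events into {second: Counter(source_ip -> request count)}."""
    buckets = defaultdict(Counter)
    for t, ip in events:
        buckets[t][ip] += 1
    return buckets

def detect_distributed_flood(events, baseline_rate, factor=10, max_share=0.2):
    """Seconds where total rate is far above baseline but no single source dominates."""
    flagged = []
    for t, counts in sorted(per_second(events).items()):
        total = sum(counts.values())
        top_share = max(counts.values()) / total
        if total > factor * baseline_rate and top_share < max_share:
            flagged.append(t)
    return flagged

def reactive_block_passed(events, per_ip_limit=5):
    """Block each source one second after it first reaches per_ip_limit; return
    the number of requests from such sources that arrived before their block."""
    blocked, noisy, passed = set(), set(), 0
    for t, counts in sorted(per_second(events).items()):
        for ip, n in counts.items():
            if ip in blocked:
                continue                      # dropped by the blocklist
            if n >= per_ip_limit:
                noisy.add(ip)
                passed += n                   # got through before the block landed
        blocked |= noisy
    return passed

if __name__ == "__main__":
    ev = build_sample()
    print("flagged seconds:", detect_distributed_flood(ev, baseline_rate=3))
    print("flood requests that passed per-IP blocking:", reactive_block_passed(ev))
```

In this sample half of the flood requests arrive before any block applies, which is why aggregate rate limiting upstream of the firewall, plus detailed logging enabled in advance, matters more than chasing individual addresses.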
During the attack it was obvious that the employees were shocked by the security threat. They did not know what to do, they had never faced a security threat before, and they did not have an emergency plan. The employees communicated through phone calls, and no one knew what needed to be done or what was happening. Also, there was no proper emergency communication with Qdata, which led to the technical team leader being barred from entering the NOC. The team reacted well to the situation even though they did not have any structured plan to face the problem. They were trying to solve the problem through intuition and experience because there wasn’t any plan. They tried hard, and the top managers were awakened in the middle of the night to solve the crisis. However, looking at the overall situation, there was no systematic process for solving the problem; instead they relied on intuition and experience. (Essays, UK. (November 2013)).
If I were Bob Turley, the CIO, the first person I would have contacted is the CTO, and I would have cancelled the meeting in New York and gone to the company if possible. If it was not possible to find a flight, I would have instructed Leon to get the emergency plan and work on it. Although it is outdated, I would try to modify it as much as I could to match the current situation, which could be useful. Also, I would stay in close contact with the CTO and Qdata to solve the problem faster. Some service providers do not respond to customers quickly and require the customer to call them over and over until they perform the request. In addition, after the attack was over I would have called an emergency meeting to assess the current situation and the company’s technological infrastructure, find out what information has been or could have been jeopardized, and discuss the modifications to the emergency plan. (Essays, UK. (November 2013)).
Qdata and iPremier really dropped the ball on this by not thinking steps ahead. They did not have a contingency plan or any plan of any sort for this worst-case scenario. iPremier had placed too much faith in Qdata’s ability to handle the situation or threat. The first thing I noticed the company did was panic, since there was no crisis strategy or disaster plan. The attack couldn’t have happened at a worse time, since it happened during a high-traffic period. If this attack was done by competitors, then they got what they were looking for by hurting the reputation of the company. (Essays, UK. (November 2013)).
After the attack the company should be worried about customer information, especially credit card and transaction information. Another concern is that the attack might have gone further and installed a bot on one of the servers. If this happened, the servers might be used for another attack and iPremier would be held responsible. Also, the infrastructure and security are not effective against threats, so the use of Qdata as the website host must be changed. Moreover, I have to be sure that there hasn’t been any leak, because if the customers learn that the website was hacked they may never deal with the company again. They may not understand that these things happen and that security threats happen almost all the time; many people are not familiar with the term “Cyber War”. (Essays, UK. (November 2013)).
The company should create a backup customer and transaction database that is disconnected from the internet to prevent it from being attacked from the outside. It is an online business, so the customers and their transaction information should be well protected from any attack. I would recommend that not all of the website and its information be outsourced. The server, website design, and website-related information can be outsourced, but the customer and transaction information should be handled internally for more control. They have to find a host other than Qdata, with more capabilities and more advanced technology, to handle their operations and protect them from further attacks. Also, I must have a full understanding of the situation so that if there is any leak to the press I can answer their questions and find a way to assure the customers that their data is safe. (Essays, UK. (November 2013)).
Austin, R., (July 26, 2007). The iPremier Company (A): Denial of Service Attack. Harvard Business School.
Laudon K., Traver C., (2010). E-commerce 2010 (6 Ed.), chapter 5. Pearson Education.
Essays, UK. (November 2013). The Ipremier Dos Attack. Retrieved from https://www.ukessays.com/essays/information-technology/the-ipremier-dos-attack-information-technology-essay.php?vref=1