Analysis by: Aaron Sevy
10/20/2015
October 20th, 2015
iPremier Executive Team:
I would like to start off by saying how deeply honored we are to have this chance to discuss the many opportunities available to iPremier. After meeting with key members of your staff and thoroughly researching industry standards and trends, my team and I have put together some recommendations to resolve your business continuity needs.
The recent DoS attack on iPremier’s website showed us some vulnerabilities and areas that need to be addressed. This attack left iPremier exposed, and with last year’s sales at $32 million there is a lot of sensitive information on your servers. That’s why our recommendation …
iPremier and Qdata had a long-standing relationship, a sort of loyalty to each other, if you will. The colocation center that Qdata hosted provided iPremier with floor space, power, connectivity, environmentally controlled cooling, and physical security for their web hosting servers and networking equipment.
On January 12th, 2007 iPremier fell victim to a SYN flood DoS (Denial of Service) attack (Figure 3). The attack flooded their web servers and made their website inaccessible to employees and customers alike. At the time, Chief Information Officer Bob Turley was out of town on business, which made the situation more difficult to handle. The colocation facility, Qdata, was unprepared and ill-equipped to deal with a problem of this magnitude. Because TechOps was unable to fix the issue in house, Joanne Ripley, who was the lead, rushed over to Qdata to try to restart the servers and figure out what was happening. When Joanne arrived, Qdata employees denied her entry into the NOC, which cost valuable time.
The standard operating procedures for such emergencies were unknown to everyone in the company or did not exist, which led to panic and confusion. Key parties started acting of their own accord, thinking of their own interests first, without knowing all of the facts. The escalation chain was so unstructured that everyone started calling everyone, and soon Chief Executive Officer Jack Samuelson was involved (Figure 2). When Joanne started killing the IP address from the attack, it started sprouting zombies or duplicating itself. Seventy-five minutes after the attack began, the problem ceased, with no clear explanation of why or how it happened. This time it only ended up being a denial-of-service attack, but it could have been a lot worse. While there is no evidence on who