K Siddarth

21PGP100
J Rajkumar Nath
21PGP091
Sneha Gawai
21PGP077
Shikha Gupta
21PGP111
iPremier: Denial of Service Attack Archana Kharde
21PGP107
M Venkata Pavan kumar
21PGP137
Ketan Mane
21PGP129
   iPremier: Denial of Service Attack
1. How well did the iPremier Co. perform during the 75 minutes attack? If you were Bob
Turley, what might you have done differently during the attack?

 The 75-minute onslaught caught iPremier off guard. This could have resulted from an
overestimation of the Qdata's ability to regulate these situations, as well as a lack of
perception in respect to potential risks
 Qdata, an online hosting company, had contracted with iPremier to provide most of
its computer equipment and internet connection
 Qdata was chosen since it was close to iPremier's corporate headquarters and was
not considered an industry leader
 It was critical that they had guaranteed that their security systems were in place
ahead of time and that they could have prevented the website from operating at
that time
 They weren't sure if their systems had been hacked or if there had been a
distributed denial-of-service attack
 This was due to the absence of a crisis management strategy. Evidently, the
company lacked the necessary technology, such as a firewall, to combat the problem
 The ramifications for iPremier might have been far more serious if the attack had not
finished as quickly as it did, especially if it had been combined with a suspected
intrusion
 As a result, during the 75-minute attack, the iPremier Company performed
ineffectively and in a completely confusing manner
 If we were Bob Turley, we would have immediately notified the website service
provider that the firewall had been breached and that the website needed to be
inactivated or defunctionalized
 This would help save consumer information and credit card information because
everyone, even firm operators, and hackers, would be unable to access information
from the website

 2. The iPremier Co. CEO, Jack Samuelson, had already expressed to Bob 
Turley his concern that the company might eventually suffer from a 
“Deficit in operating procedures”. Were the company’s operating 
procedures deficient in responding to this attack. What additional 
procedures might have been in place to better handle the 
Attack?

Yes, the company's operations were deficient in responding to this attack because there was
a high level of inability to do anything about it. Nobody on the team, including the technical
team, had any information or ideas, additional procedures that could have been
implemented to better deal with the attack. 
The company has software and a firewall to deal with attacks such as DDoS attacks. The
company was unable to deal with the attack despite these criteria. With a considerable
disadvantage, it was an easy victim for the hackers.
Including the development of a contingency or backup plan that can assist them in not only
disabling the website immediately, but also assist them in tracking down the hacker and
bringing him to justice and appropriate steps Along with this. It is critical that they
strengthen the Firewalls and a security system.

3. As the attack ended, what can the iPremier Co. do to prepare for 
another such attack? 

Firstly, iPremier should track down the hacker to ensure that credit card details and
client information are not exploited. This is the foundation of their social obligation. It is
critical that they now reinforce their security system, which will include the formation and
implementation of extra processes.

As previously said, they should develop and use a contingency or backup plan that will allow
them to not only shut the website instantly, but also track the hacker and take necessary
action if any other such attacks occur. In addition, they must reinforce the firewalls and
security system.

4.In the aftermath of the attack, what would you be worried about? What actions would
you recommend?

Key points of concern:

 What all information is being shared with the hacker
 Was the software installed on the computer?
 What data was compromised
 Scope of similar attacks in future
Recommendations:
 Trace the hacker by using technological assistance
 Ensure the strengthening of the website
 Forensic analysis of the attack should be done
 Create a immediate response team which will take care of such attacks
 Have communication with different teams such as the shareholders, legal, etc.