
iPremier Company: A Case Study in Denial of Service Attacks

iPremier Company

A Case Study in Denial of Service Attacks

By: Jack Miller



Contents

Executive Summary

Problem Statement

Data Analysis

Key Decision Criteria

Alternative Analysis

Recommendations

Executive Summary

iPremier is a company success story from the late 90s in which an internet-based company was able to grow and expand through several online website crashes. This company could do what few others could: find a balance between providing the right products to its customers, keeping costs down, and expanding its fulfillment plants to keep up with growing demand. In its early years in the late 90s the company saw great increases in its sales, and it survived the market crash in 2000, even seeing sales climb again afterwards. As iPremier continued to grow and expand, its security became a concern. It decided to use an outside provider to secure its servers and relied on that provider's products and expertise to keep its networks and servers up and running.

Problem Statement

The problem that plagued iPremier was that it was so overconfident in its success that it did not focus on outside attacks on its servers. It believed that the company it had picked would cover everything and did not do proper research into possible threats. iPremier also did not have a proper plan in place for when such an attack occurred. The denial of service attack it faced, which was covered in the text, flooded its network with attempted connection requests while also flooding email accounts, bogging down the network and preventing anyone from connecting from outside. This type of attack requires that everyone on the management team be notified, and they had to figure out what to do while the attack was going on. This took a lot of time and caused the company some embarrassment at not being able to handle the situation efficiently. The company it had hired also did not provide adequate and timely support when it was needed most: its contact person was on vacation, and in the early hours of the morning no one at the service provider's facility could make the decisions needed to start responding. Overall, decisions on iPremier's side were being made under fire from the pressure of the attack without a proper plan in place, and the service provider did not have proper support in place for the timing of the attack.

Data Analysis

This attack was a DDoS, or distributed denial of service, attack, in which an attacker uses phantom IP addresses or fake computers to attempt to connect to someone's server. These phantom attempts are made thousands of times at the same time to flood the capacity of the victim's servers so that no one who is legitimately trying to connect to them can do so. This can be described as filling a funnel to pour something into a container. At the spout of the funnel there is a smaller opening through which whatever you are pouring empties into the container. If you fill the funnel too fast, the funnel will fill up and could overflow. The connection attempts are the material flooding into the funnel; eventually the funnel fills up and overflows, so further connection attempts never make it into the funnel or the container. The spout, the limiting end of the funnel, only allows so much material to pass through at a time, and it corresponds to the capacity of the victim's servers to handle incoming connections. These denial of service attacks are particularly hard to prevent because of the randomness of the connection attempts. A DDoS attack is unlikely to come from one single IP address, as that can easily be fixed by denying access to that IP; instead, thousands of fake or phantom IP addresses are usually used to "attack" the target. It is not easy to defend against because you may not know who is legitimately trying to connect to your server as a customer and who might be the attacker.
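The point above about single-source versus phantom-source floods, worked through as an added example (not part of the original paper). The thresholds, addresses and connection records are constructed for illustration: it applies a per-source blocklist to three sample time windows and shows that blocking by IP relieves a one-source flood but not a many-source one, while an aggregate check on volume and never-completed attempts still flags both.

```python
import random
from collections import Counter

# All thresholds and addresses below are assumptions made for this illustration.
PER_IP_LIMIT = 20       # attempts from one source per window before it is blocked
WINDOW_CAPACITY = 500   # attempts per window the server can absorb (the funnel's spout)
INCOMPLETE_RATIO = 0.8  # share of never-completed attempts that signals a flood

def make_window(rng, legit=100, flood=0, single_source=False):
    """Constructed sample data: (source_ip, completed) pairs for one time window."""
    events = [(f"10.0.{rng.randrange(256)}.{rng.randrange(1, 255)}", True)
              for _ in range(legit)]
    for _ in range(flood):
        if single_source:
            src = "203.0.113.7"  # documentation-range address
        else:
            src = ".".join(str(rng.randrange(1, 255)) for _ in range(4))
        events.append((src, False))  # flood attempts never finish connecting
    return events

def analyse(events):
    """Apply a per-source blocklist, then check load and an aggregate flood signal."""
    counts = Counter(src for src, _ in events)
    blocked = {src for src, n in counts.items() if n > PER_IP_LIMIT}
    remaining = sum(1 for src, _ in events if src not in blocked)
    incomplete = sum(1 for _, done in events if not done)
    return {
        "blocked_sources": len(blocked),
        "load_after_blocking": remaining,
        "overloaded": remaining > WINDOW_CAPACITY,
        "flood_alert": (len(events) > WINDOW_CAPACITY
                        and incomplete / len(events) >= INCOMPLETE_RATIO),
    }

if __name__ == "__main__":
    rng = random.Random(1)
    for name, kwargs in [("normal", {}),
                         ("one source", {"flood": 5000, "single_source": True}),
                         ("phantom sources", {"flood": 5000})]:
        print(name, analyse(make_window(rng, **kwargs)))
```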

Key Decision Criteria

In this scenario, several factors allowed the situation to get out of hand and take a while to get under control. The first factor is that there was no proper plan of action for an attack like this. There was a plan, but it was extremely out of date, with wrong contact information and without procedures that reflected current technologies and policies. Another factor was that the company hired to take care of these issues was not properly prepared for this type of attack on a company as large as iPremier. This service provider did not have proper 24/7 support and did not have proper backups in place for when key contact personnel were on vacation or unavailable to make the decisions to fix the problems. Finally, even if there had been a plan of action, no one on iPremier's side really knew what to do or who to contact when the attack began. There should be proper training in place so everyone in upper management knows who to call, when to call them and how to proceed even without needing to look at the action plan.



Alternative Analysis

There are several ways to go about fixing the problems that turned one DDoS attack into a nightmare for iPremier. One solution would be to create a division within the company that focuses solely on attacks like this one and how to prevent them. The IT department is clearly where to base this division, and select personnel from the IT division may need to be chosen to form a committee; these individuals will be the go-to people in future attacks. This committee will be responsible for keeping the plan of action book up to date, holding meetings on events as they occur, and putting in place 24/7 coverage so that at least one person is always at the office or on call and can properly respond to this type of attack as it happens. This will prevent upper management at all levels from being contacted by people who are panicking and do not know who to contact or what to do. It will also keep the plan up to date and actively keep people trained on current responses.

Another option is to use a service provider once again to handle attacks when they occur and leave it all in their hands. This will require that a third party be in charge of attacks and consult on them when they occur, so people working for iPremier will contact them. This will take a lot of the responsibility for creating a plan of action out of the hands of company employees and put it in the hands of people who encounter these issues every day. Doing this will hopefully allow more experienced and qualified personnel to take over during attacks, prevent panic from setting in among employees, and allow a proper chain of command to take place in contacting who needs to be contacted. This is a great way to have a more experienced group of people solve your issue, but it comes with relying on a third party to handle a situation that may require immediate action. There would be a delay while iPremier personnel contact the consultants and then while the consultants get on the situation.

A third solution is to do a little of both of the first two solutions. There would be training and a division created within iPremier that is responsible for coming up with a plan of action, but it could also rely on a third-party consultant to train staff and give suggestions on how to do this. Having a consultant come in and set things up would give iPremier's employees a better understanding of how to properly set up a plan of action while also giving them the ability to move forward on their own once they have received proper training. This is a more balanced idea and comes with fewer risks, as it takes from both extremes and finds a middle ground to work with.

Recommendations

I believe the best course of action is the third choice in these alternative solutions. There should be a good mix of having company employees know exactly what to do in a time of crisis as well as getting advice from consultant parties that are more experienced in setting up these types of plans of action. It is important to have the people on the front line know what to do because they are the first people to see something go wrong and it is the fastest way to get on top of a situation to prevent any more damage than needs to happen.



References

Lynda M. Applegate, R. D. (2009). Corporate Information Strategy and Management. New York: McGraw-Hill/Irwin.

Rouse, M. (2014, November). What is? Retrieved from Whatis.techtarget.com: http://whatis.techtarget.com/definition/Confidentiality-integrity-and-availability-CIA

Vaughan-Nichols, S. J. (2017, February 22). ZD NET. Retrieved from http://www.zdnet.com/article/todays-leading-causes-of-ddos-attacks/
