Case Study: iPremier Cybercrime and Information Systems Controls
Added on 2020/05/11
Case Study
AI Summary
This report analyzes the iPremier case study, which details a Distributed Denial of Service (DDoS) attack on the organization. The case study highlights the events before, during, and after the attack, involving key personnel like the CEO, CIO, and tech team. The report critically evaluates iPremier's information security management, assessing the effectiveness of their measures and aligning them with COBIT security control objectives. It discusses the failures in preventing the DDoS attack and explores potential internal controls for detection, prevention, and correction of cyber security issues. The report also examines the importance of data center monitoring, emergency procedures, and physical measures in mitigating cyber threats. It concludes by suggesting measures like detecting DoS attacks, preventing attacks at the network perimeter, and creating a DoS playbook for effective incident response. The study emphasizes the need for proactive security measures and robust internal controls to protect against cyber threats.

Running head: CYBERCRIME AND INFORMATION SYSTEMS CONTROLS
Cybercrime and Information Systems Controls: The Case of iPremier
Name of the Student
Name of the University
Author’s Note

Table of Contents
Introduction
Part 2A
Part 2B

Introduction
This report studies a DoS attack incident that occurred at iPremier in January 2009. iPremier is a successful web-based, high-end retailer; during 2009, the organization was shut down by a Distributed Denial of Service (DDoS) attack. A series of events occurred before, during and after the cyber attack, and the case study describes all of them. In short, CEO Jack Samuelson had appointed Bob Turley as CIO; Joanne Ripley was the tech team leader; and Leon Ledbetter, a tech specialist, detected the attack. Bob Turley was away from iPremier headquarters, so he followed up on everything by phone. Joanne Ripley went to the data center to take preventive action on her own, without any precautions. CEO Jack Samuelson took authority for corrective action against the DDoS attack, although he too was away from the incident. Apparently, all of iPremier's measures failed to stop the DDoS attack; the team had to wait until the attack stopped, and a security breach occurred.
This report provides a critical evaluation of iPremier's management activities related to information security. The evaluation follows the COBIT security control objectives. The report discusses whether or not security was the foremost priority for iPremier. It then describes three measures that could have been taken to prevent the DoS attack; however, these measures clearly failed to prevent the attack. The CIO considered pulling cords and shutting off the power. Realistically, shutting off the power and pulling out cords could lead to the loss of log files, so little log data would be recoverable for clients and higher authorities. Later sections describe internal controls that iPremier can use to detect, prevent and correct cyber security problems in its operations.

Part 2A
In the iPremier case, some measures were available that could have been adopted to prevent the cyber attack.
Data center monitoring: CIO Bob Turley asked Leon Ledbetter to call the data center professionals to look into the apparent 'hacked' incident. iPremier had recruited 24/7 monitoring professionals to perform investigations, daily assessments, and network monitoring. However, when Joanne Ripley reached the data center at QData, she learned that the data center professional was on vacation in Aruba. For the time being, the web server was rebooted; however, the source of the attack was unknown and the attack was not stopped. Joanne Ripley tried to shut down traffic from the attacking addresses, but the attackers spawned zombies. Every time Joanne shut down traffic from a single attacking address, the shut-down zombie triggered attacks from ten other sites, and the attack continued.
Emergency procedures: Bob Turley asked whether emergency procedures could be used to stop the attack. Joanne Ripley reported that the organization had two binders, both out of date.
Physical measures: Bob Turley thought of pulling plugs, disconnecting communication links and power cords, and shutting off the power to stop credit cards from being stolen. Their network engineer protested that it would ruin everything. Tim answered that this would cause loss of logging data, and that there would be huge public disclosure issues as well. On the other hand, detailed logging was disabled on the servers, so log preservation was irrelevant. Because detailed logging consumes more disk space, the finance managers had not been willing to pay for additional disk space. If additional disk space had been available and detailed logging had been enabled, detailed log data would have been stored, and iPremier's management could have had evidence of this particular attack based on the technical details and timestamps in the log files. However, to protect the smaller log files, Tim asked Bob Turley not to take any physical measures whatsoever.
Part 2B
If iPremier needs to in-source its data center, it should consider preventive, detective and corrective measures as internal controls. The internal controls are as follows:
Detect DoS Attack: iPremier runs its own server and is therefore able to identify when it is under attack. Accordingly, staff on the server side and the IT professionals should be properly informed about DoS attacks, and the IT department should have emergency procedures installed in the system. It is recommended that a DoS attack be detected from the very first minute the website is hacked; otherwise, sensitive information could be stolen. The sooner the attack is detected, the sooner network professionals can start taking preventive measures.
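A sketch of first-minute detection, added here as an example and not part of the original report: it buckets requests into 60-second windows, alerts on the first window far above the earlier baseline, and reports how many distinct sources are involved, which is why blocking one address at a time (as in Part 2A) removes almost none of the traffic. The log format, the 5x threshold and the sample data are assumptions constructed for the illustration.

```python
from collections import Counter, defaultdict
from statistics import median

WINDOW = 60        # seconds per bucket: "first minute" granularity
FACTOR = 5         # assumed alert threshold: 5x the median of earlier windows
MIN_HISTORY = 3    # windows of normal traffic needed before alerting

def make_sample_log():
    """Constructed sample ("epoch_seconds source_ip"): 5 quiet minutes,
    then a flood arriving from 200 addresses in minute 5."""
    lines = []
    for minute in range(5):
        for i in range(30):                       # 30 requests per minute baseline
            lines.append(f"{minute * 60 + i * 2} 198.51.100.{i % 10 + 1}")
    for i in range(3000):                         # 3000 requests in one minute
        lines.append(f"{300 + i % 60} 203.0.113.{i % 200 + 1}")
    return lines

def detect_flood(lines):
    """Return (window_start, requests, distinct_sources, top_source_share)
    for the first window exceeding FACTOR x baseline, or None."""
    windows = defaultdict(Counter)
    for line in lines:
        ts, src = line.split()
        windows[int(ts) // WINDOW * WINDOW][src] += 1
    history = []
    for start in sorted(windows):
        per_src = windows[start]
        total = sum(per_src.values())
        if len(history) >= MIN_HISTORY and total > FACTOR * median(history):
            top_share = per_src.most_common(1)[0][1] / total
            return start, total, len(per_src), top_share
        history.append(total)
    return None

def blocked_fraction(lines, window_start, n_blocked):
    """Fraction of a window's traffic removed by blocking its top-n sources."""
    per_src = Counter(l.split()[1] for l in lines
                      if window_start <= int(l.split()[0]) < window_start + WINDOW)
    blocked = sum(count for _, count in per_src.most_common(n_blocked))
    return blocked / sum(per_src.values())

if __name__ == "__main__":
    log = make_sample_log()
    print("alert:", detect_flood(log))
    print("traffic removed by blocking 10 addresses:", blocked_fraction(log, 300, 10))
```

In the constructed data the alert fires in the first flood minute, and blocking the ten busiest addresses removes only 5% of the requests.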
Prevent at Network Perimeter: A few technical measures can be considered for partial mitigation of the attack's effects. In the first few minutes after an attack starts, some technical measures can be applied in a simple way. For instance, the CIO, tech specialist and tech team leader can take actions such as:
1. Limit bandwidth at the router to keep the web server from being overwhelmed
2. Add filters at the router to drop network packets sent from obvious attack sources
3. Time out half-open connections immediately
4. Drop spoofed or malformed network packets
5. Set lower UDP, SYN, and ICMP flood drop thresholds
However, some software and analytics tools should also be implemented on the server side. Null routing should be applied at the ISP and network hosting level in order to divert the infected network packets away from the genuine routers.
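To show why items 3 and 5 of the list above work together, the following added example (not from the original report) is a simplified model of a server's half-open connection table under a SYN flood. The backlog size, rates, timeouts and the per-source form of the threshold are assumptions chosen for the illustration; it does not model any particular router or operating system.

```python
from collections import deque

def legit_success(timeout, per_source_limit, seconds=30, backlog=256,
                  flood_sources=20, syns_per_source=10, legit_per_sec=10):
    """Simplified model of a listener's half-open (SYN_RECV) table, 1 s ticks.

    timeout          : seconds a half-open entry is held before being dropped
    per_source_limit : SYNs admitted per source per second (None = unlimited)
    Returns the fraction of legitimate handshakes that found a free slot.
    """
    half_open = deque()        # expiry times; flood entries never complete
    ok = total = 0
    for now in range(seconds):
        while half_open and half_open[0] <= now:     # item 3: time out stale entries
            half_open.popleft()
        per_src = syns_per_source
        if per_source_limit is not None:             # item 5: flood drop threshold
            per_src = min(per_src, per_source_limit)
        for _ in range(flood_sources * per_src):
            if len(half_open) < backlog:
                half_open.append(now + timeout)
        for _ in range(legit_per_sec):               # completes at once if a slot is free
            total += 1
            ok += len(half_open) < backlog
    return ok / total

def compare():
    """Constructed scenario: 200 flood SYN/s against a 256-entry backlog."""
    return {
        "timeout=60s, no threshold": legit_success(60, None),
        "timeout=60s, 2 SYN/s/source": legit_success(60, 2),
        "timeout=3s, no threshold": legit_success(3, None),
        "timeout=3s, 2 SYN/s/source": legit_success(3, 2),
    }

if __name__ == "__main__":
    for name, rate in compare().items():
        print(f"{name:30s} {rate:.0%} of legitimate connections served")
```

In this scenario neither a short timeout nor a per-source threshold keeps the table free on its own; only the combination serves every legitimate connection.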
Create DoS playbook: The best corrective measure is to create a DoS playbook for the organization. The playbook should document every step to be followed in a pre-planned response to an attack. It should include a fit out plan with the names, contact numbers and addresses of all contact persons.