The CIO has referred me to you to explain how it is possible for us to lose five hours of Web access to our own Website – at an estimated loss of sales of around $385,000 give or take a few thousand dollars. As you very well know, we depend absolutely on our Website for sales – 94% of our total revenue last year was from online purchases. So how on earth could we possibly succumb to a “DDoS”? We surely don’t run DOS, do we? Didn’t that operating system go out in the 1980s? So what happened?? And is there any way that our site can defend itself against such a disaster in future?
Tom Doherty reply below: My role at this company is upper management.
Lisette Kremer
The event this weekend has been confirmed to be DDoS attack. It started on Saturday at 5:34 EST concluded at 10:13 pm. All web services have reported being operational since the event occurred. The root cause of the event was addressed by implementing a temporary solution to block it from happening again. I will not get into the details, but the solution offers us a rate-limiting function. This function will not affect the normal business transaction. It is designed to stop DDoS attacks. We do not view this solution as final. The teams are working on a more enterprise solution. Our teams are monitoring the systems until we put an ultimate suitable solution in place. This event has the full attention of our teams.
As stated, this feature implements to stop the attack was effective, but we will be adding to it to enable an entreprise robust solution truly. We are in the process of finalizing the technical solution we will need to put in place to protect our assets. We have requested a special board review of our solution for tomorrow to secure the funding. Upon approval, implementation will start immediately. The sale cost numbers you provided us will be presented in the meeting as well as our technical solution. If you are available, your presence would add value to the discussions. As soon as the meeting is finalized, we will send you the invite. If you can are not available, please send a representative.
As stated above, this event has the full attention of all our teams. We will be finalizing the solution to this particular event today. Go forward, our teams will also be conducting a complete assessment of the production infrastructure. We will also be asking for funding for additional assistance to help secure the infrastructure. Our proposal will include the hiring of a 3 rd party security firm to assess our environment. Review our web site infrastructure and provide us with any concerns they may find. We are not restricting this assessment review only to entail security; it will include all phases of keeping systems online.
If approved, As we move forward we will keep you, and the organization include in our work and the expectations we all should be working off of.
Thomas Doherty
CISO