The Ipremier Company: Denial of Serivice Attack. Case Analysis
Summary of the case: iPremier, a Seattle based company, was founded in 1996 by two students from Swathmore College. iPremier had become one of a few success web-based commerce, selling luxury, rare, and vintage goods over the Internet. Most of iPremier’s goods sell between fifty and a few hundred dollars, and the customer buys the products online with his or her credit card. iPremier’s competitive advantage is their flexible return policies which allows the customer to thoroughly check out the product and make a decision to keep the product or return it. The majority of iPremier customers are high end, and credit limits are not a problem. iPremier had contracted with Qdata, an Internet hosting business. Qdata provided iPremier with most of their computer equipment and connectivity to the Internet. Qdata was not an industry leader and was selected because it was located close to iPremier’s company headquarters and had been serving iPremier throughout the course of its new and developing business. Qdata did provide basic floor space, power, connectivity, environmental control, and physical security, and offered some high-level management services such as monitoring of web sites for customers and Internet security services such as firewall protection.
On January 12, 2007, iPremier Web servers were brought to a standstill. A denial-of-service (DoS) attack had occurred. Hackers launched the attack on iPremier. Luckily for iPremier, this was only a denial-of service attack, possibly launched by a script-kiddie, or even a competitor trying to disrupt service. The attack could have been a lot worse. iPremier’s customers pay for their purchases with credit cards, and they keep a data base containing all credit card information on their customers. The credit card database is. However, it leaves them vulnerable to an attack by hackers. If a hacker had obtained total access to their system customer credit card