Friday, December 7, 2012

Counter CyberCrime - Do not challenge the hackers

I'm pretty sure many organisations had faced cyber-attacks before. Some organisation might think of getting a "revenge" at the attacker. It could be a good idea, but it could also be a bad idea totally, depending on how you do it.

This is a story about why it's a bad idea, if you do it this way......

Few months ago, in that XYZ company.....

Business Owner guy: How come my users can't access this application at all? I have got emails, phone calls from everywhere, complaining!

IT Supplier chap: Mr. Business Owner sir, our Network Operation Center (NOC) just confirmed that the application is currently under DDoS attack. Our ISP and NOC is trying their best to mitigate the attack.

Business Owner guy: What? How dare they attack us. Do we have any information who is doing this to us? Can we track them?

Information Security lad: Not easy to trace. As most certainly those machines or IP addresses that we seen attacking us are zombies or compromised machines part of a botnet. I'm afraid the real attacker is a few more layers behind those compromised machines.

IT Supplier chap: We do have a solution to mitigate this attack. There is this Company P that provides protection against DDoS. It would cost us 10K EUR to use their service. From what we are seeing now, the attacks are not going to stop anytime soon and it will only get worse. Hence, it just a matter of time that our whole network would be completely brought down by it. We should engage this DDoS protection service immediately.

Business Owner guy: Ok. Let's do it. You have my approval to proceed.

2 hours later. After the solution has been implemented....

IT Supplier chap: Good news folks. The attacks have subsided. It is a right call to engage that company.

Business Owner guy: Great! But I'm still not very happy. I want whoever behind this attack punished. I want them to know that they are messing with the wrong guy. I have contacted my friend in the law enforcement and opened an official case. Not only that, I will call a press conference to tell whoever behind this that we are coming after them and that they are messing with the wrong people.