|
Firewall Wizards
mailing list archives
RE: OK, I've been hacked, now what?
From: "Scott, Richard" <Richard.Scott () bestbuy com>
Date: Mon, 3 May 1999 12:34:46 -0500
Greetings all,
I was just wondering about these so called costs. Let's assume your web
page was defaced. That your original index.html or whatever had in fact be
copied to old.html, and a new page inserted(the hacked page).
Now I am not aware of the hacking incident, more information maybe more
helpful here.
Now if it is the case that the original page has been moved. What are the
real costs in replacing by moving it back to index.html.
The fact that the security hole already existed shouldn't be placed in the
cost of the intrusion. The cost of beefing up security maybe replacing
software/ hardware shouldn't be placed in to these superficial figures.
If you include costs for increasing the security due to the hole, then this
is of no fault of the hacker. The hole existed before hand. In fact, I
would go so far as to say that it's fraudulent use of figures. It's
analogous to a house break in. You add to the insurance claim the cost of
providing 24hr surveillance because of the security hole, or maybe the use
or purchase of hi-tech keys, because the keys were picked.
It's all to often heard that companies who are hacked claim millions of $
worth of damage, and maybe that is the case. But these are more often the
case beefed up figures, including R/D, advertising, management costs, etc
etc....
Maybe one would take a look at this and state: " if this is worth so much,
why are we leaving it out on the street?"
Just the question a police officer/insurance person would asked when you
told them you left a Rolex watch on the path outside the house, but inside a
locked 2ft gate.
The bottom line is, how much did it cost to return the site to it's original
state, plus the business lost(in terms of EC) did they company undergo. It
is often the case that figures of such are made up to bring about a
prosecution. And this maybe the case in the Mitnick case. I would advise
people to be honest in judging the loss caused by intrusions.
Richard Scott
(I.S.) E-Commerce Team
* Tel: 001-(612)-995-5432
* Fax: 001-(612)-947-2005
* Best Buy World Headquarters
7075 Flying Cloud Drive
Eden Prairie, MN 55344 USA
This '|' is not a pipe
-----Original Message-----
From: sedwards () sedwards com [SMTP:sedwards () sedwards com]
Sent: Friday, April 30, 1999 12:38 AM
To: Antonomasia
Cc: firewall-wizards () nfr net
Subject: Re: OK, I've been hacked, now what?
On Fri, 2 Apr 1999, Antonomasia wrote:
> From: sedwards () sedwards com
>
> > Yes it's true, one of my client's web page was hacked. The
attack
> > occurred on March 27.
[snip]
> Estimate the cost of the incident (when considered
finished).
> Actually I'd like to know too since you've been kind enough
to
> talk about it.
Rough guestimates:
Personnel Hours Rate Cost
----------------------------------------------------
senior management 6 300 1800
mid-management 6 150 900
senior consultant 16 150 2400
senior admin 8 75 600
mid-admin 8 50 400
junior admin #1 4 30 120
junior admin #2 4 30 120
junior admin #3 4 30 120
"retired" hardware 600
lost revenue 500
----------------------------------------------------
7560
Note that this does not include the costs of pursuing legal avenues
since
these are still in motion.
The impact of this attack was mitigated by the availability of spare
hardware on hand and reasonably fresh backups -- we pulled the
drives out
of the compromised host, replaced them with spares, installed the OS
from
CD's and restored the site content from tape.
Thanks in advance,
------------------------------------------------------------------------
Steve Edwards sedwards () sedwards com Voice: +1-760-723-2727
PST
Newline Pager: +1-760-740-1220 Fax:
+1-760-731-3000
 By Date 
By Thread
Current thread:
- RE: OK, I've been hacked, now what? Scott, Richard (May 04)
|
Intro
