Data Security & Privacy

Gawker Media DDOS Attack – What not to do


In The New York Times yesterday, Tim Arango reported that the popular websites run by Gawker Media were apparently hit with a distributed denial-of-service, or DDOS, attack, rendering access to them impossible. The most interesting aspect of the report is how it highlights what the victim of a DDOS attack, in this case Gawker Media, might have to go through. Undoubtedly, the day came undone for the folks at Gawker, but there are some good and bad lessons that other organizations can take away from this experience.

The first lesson I would caution an organization on, should it fall victim to an attack or unauthorized access, is not to let the Chief Technology Officer of the company be your spokesperson. After all, it was his fault for not securing the networks effectively, and anything that is said could amount to an unintentional admission that exposes the company to potential litigation or liability. Nevertheless, Thomas Plunkett, CTO of Gawker Media, told the press that the DDOS attack was being investigated, but that the servers were still under attack. That is not exactly the right approach, since it is the job of the CTO to support the mission of the organization, not to speak for it.

The next lesson is a memo (yes, they were that stupid to send out a memo) to company employees from, yep, you guessed it, Mr. Plunkett, stating that changes had been made to isolate traffic from a particular website, and that things should get back to "normal." WRONG! The real translation here is that they have no clue what’s going on, because by his own admission the servers were still under attack. Employees of the organization will undoubtedly be asked about the incident, solicited or otherwise, and there is no continuity in the overall corporate message and response. Mr. Plunkett says in the report that the servers are still under attack, and then goes on to say in the memo that things are "normal." Which is it? Under attack or normal?

Finally, the report goes on to state that "Mr. Plunkett’s investigators, and the staff at Datagram, a company in New York that provides space for the Gawker servers, will probably never know who led the attack, and whether Gawker was a specific target." This is not exactly the message an organization should be sending to its stakeholders, customers, and the general public at large. These three examples highlight that, in responding to a breach of cyber-security, communications must be coordinated and succinct. Otherwise, an organization risks losing the goodwill it worked so hard to establish. CTOs, beware: unless you are ready to be thrown under the proverbial bus, make sure you are adequately protected from impending liability.

To read the full article, please click here: Gawker’s Blogs, for a Time, Are Silenced by Hackers

