Sunday, November 3, 2013

Pre-school chain Carpe Diem's website hacked

Analysing the threat further: where on the Internet is it likely to come from?

It is likely to come from overseas.

So we can now divide the Internet into two parts:

(1) Local Internet traffic and bandwidth from the local Internet pipe.

(2) International Internet traffic and bandwidth from the International Internet pipe.

Let us go further and analyse which region and which network the hackers are likely to launch the attack from.

Once we have intelligence on the above, we can do some of the following to restrict and mitigate the attacks from the Telco end first, with full concentration on the International Internet pipe:

(1) Throttle and constrict the traffic from certain regions and networks, if possible dynamically provisioning bandwidth through analysis of the traffic pattern.

(2) Configure Quality of Service (QoS) to prioritise traffic. Traffic that is likely to match a DDoS attack pattern is given less priority, so that it is discarded at the egress port. Allow network traffic that is less likely to cause harm.

By doing so, local Internet traffic (which is less likely to be the source of hackers) is given the highest priority and can carry out eCommerce and eTransactions with minimal adverse effect when conducting Internet transactions.

Overseas Internet traffic that is less or least likely to come from hacker sources will also see minimal effect in accessing local Web portals.

Only the overseas Internet traffic will experience slow Internet traffic if hacking traffic surges through an attack technique such as DDoS.
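The prioritisation described above can be sketched as a small simulation. This is an added example, not part of the original post: it assumes strict-priority queuing as the QoS discipline, the prefixes are constructed documentation ranges rather than real allocations, and the function names are hypothetical.

```python
import ipaddress
from collections import Counter

# Constructed prefix lists (RFC 5737 documentation ranges), not real allocations.
LOCAL_PREFIXES = [ipaddress.ip_network("192.0.2.0/24")]
SUSPECT_PREFIXES = [ipaddress.ip_network("203.0.113.0/24")]

# Lower number = higher priority at the egress port.
PRIORITY = {"local": 0, "overseas": 1, "overseas-suspect": 2}

def classify(src):
    """Map a source address to one of the three traffic classes."""
    addr = ipaddress.ip_address(src)
    if any(addr in net for net in LOCAL_PREFIXES):
        return "local"
    if any(addr in net for net in SUSPECT_PREFIXES):
        return "overseas-suspect"
    return "overseas"

def egress(sources, capacity):
    """Forward up to `capacity` packets in one interval, strict priority order.
    Returns (forwarded, dropped) as per-class Counters."""
    ordered = sorted((classify(s) for s in sources), key=PRIORITY.get)
    return Counter(ordered[:capacity]), Counter(ordered[capacity:])

def sample_interval():
    """Constructed interval: 30 local, 20 ordinary overseas, 200 flood packets."""
    return (["192.0.2.%d" % (i % 250 + 1) for i in range(30)]
            + ["198.51.100.%d" % (i % 250 + 1) for i in range(20)]
            + ["203.0.113.%d" % (i % 250 + 1) for i in range(200)])

if __name__ == "__main__":
    fwd, drop = egress(sample_interval(), capacity=100)
    for cls in PRIORITY:
        print(f"{cls:17} forwarded={fwd[cls]:3} dropped={drop[cls]:3}")
```

With a capacity of 100 packets per interval, all local and ordinary overseas packets are forwarded and the discards fall entirely on the suspect class. If capacity falls below the combined local and ordinary overseas load, the ordinary overseas class starts losing packets before any local packet is dropped.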
