Comment Re:Importance (Score 1) 562
Asinine.
The cost of "recovering" from the DoS attack by LOIC is zero.
Let me repeat that cost. The cost they necessarily incurred in FIXING the site from this attack is zero.
There is absolutely a justification for charging him for the cost of business loss for 15 minutes, and the cost for incident responses, which should be minimal. Even at standard incident response consulting rates for good quality infosec people, you're at $10,000 per week. I'm shocked they spent 19 weeks "fixing" this issue, at those high incident-response rates. I've responded to this sort of thing before and the customer had a comprehensive report and detailed findings for under $15k much of the time.
The cost of "fixing" the site so that it was less vulnerable to LOIC is absurd. Even in court, if you break a window, you are liable to replace A WINDOW. You are not liable to replace the window with steel, or with crystal, or refurbishing the whole building to move the windows around.