Hackers wreak havoc for small businesses... and BIG ones
Many of you may have seen the news over the last few weeks that details the exploits of a number of computer hackers in cracking the security on internet sites for major organisations.
You may have heard that Sony's online gaming website was hacked, exposing the account and banking details of its many users. Sites from the US Senate and the CIA were among others also hacked by the same group of hackers.
Now I hear you saying, "What has that got to do with us? - We're just a small business, why would we be at risk?" Well, over the last few years that has probably been a reasonable question, as it's hard to understand why anyone would want to get to your website to wreak havoc.
Well, events of the last month have taken many people by surprise. Melbourne-based web and domain hosting company, Distribute.IT, had many thousands of domains and websites 'hosted' on their servers on behalf of thousands of small businesses, just like you.
Over the Queen's Birthday long weekend, their servers were hacked in a malicious and targeted attack which effectively made 4800 websites belonging to those small businesses inaccessible. Unfortunately, it would seem that Distribute.IT had a rather unprotected backup system to boot, so even though their expert technicians worked tirelessly throughout the days and nights following the attack to restore the information, they eventually reported through a single information page that replaced their own lost website: "At this time, we regret to inform that the data, sites and emails that were hosted on (our servers) can be considered by all the experts to be unrecoverable," it said.
"While every effort will be made to continue to gain access to the lost information from those hosting servers, it seems unlikely that any usable data will be salvaged from these platforms.
In assessing the situation, our greatest fears have been confirmed that not only was the production data erased during the attack, but also key backups, snapshots and other information that would allow us to reconstruct these servers from the remaining data."
To make matters worse for all the affected customers, Distribute.IT were completely un-contactable during this crisis, only posting some updates via a 'Twitter' page some 10 days or so after the attack. I can only imagine the panic that infected the recovery team at the company during this time, so I'm sure they probably didn't want to speak to anyone from outside. One story on one of the major current affairs programs showed footage of empty offices at Distribute.IT during this process.
On a web-forum site called Whirlpool, where IT people regularly post questions and information on industry-type events and issues, there is a forum which discusses the whole Distribute.IT saga. It now comprises over 100 pages of worried and disgruntled customers' and resellers' comments, mostly to do with the lack of information and what's happened to their businesses.
According to stories in the press, there are many instances of businesses that are now completely down and unable to be contacted by website contact or by email, as these were all hosted on DIT's web servers. Some customers have made heart-rending comments that their life's work and therefore their business is now lost.
I spoke with Rob McAdam, the head of internet security firm Pure Hacking, a Sydney-based company specialising in ethical hacking, employed by companies to test and ensure their IT Security. Rob said, "It seems from the web postings by DistributeIT that all the content from the websites hosted there has been lost along with all the backups that were kept on DistributeIT servers." He added that "if the clients had no other backup of the websites kept on DistributeIT's servers, then they will have to start all over again - a massive job for most small businesses."
In a nutshell, what we are seeing is that the internet security game is moving forward at an ever-increasing pace, and long-held ideologies on risk factors for small business are effectively outdated.
One comment after the story on smh.com.au from a concerned user said "Since the Sony and Vodafone incidents I don't trust vendors to securely and safely handle any of my data anymore. You really need to take things into your own hands. That's fine if you're capable in this area but a lot of people aren't."
One thing is for sure, if you don't have good backups of all your critical data, including an up-to-date copy of your website, kept in an offsite location, you're asking for trouble.
Another incident that we found in the last month involved a site that had experienced a very high data usage on the internet connection which was only discovered when the bill came in with a total in the thousands of dollars. When the site was investigated, it was found that an unknown hacker had accessed the server, probably after some malicious software had been downloaded inadvertently from an infected website. This hacker was traced back to a University campus in Europe, where the trail ended. The wireless internet connection at the campus could have been accessed by anyone with a standard laptop where they could then scour the internet for infected machines and then access them with information sent back from the system.
So, I hear you all asking, what can be done to stop these people from getting in? Well, I'm afraid to say that, since we have learned that even the CIA and major companies can be hacked, it's impossible to be absolutely 100% protected, just like Nathan Tinkler's $500,000 Ferrari.
What you can do though is take much better care of your network, and dare I say it... take full backups of your data even if you think it's safe on someone else's servers, then keep them in some format away from your main site, whether it be on external hard drives, or tapes or whatever. Read my article from the April 2011 issue of this fine magazine if you want any more convincing.
The key risk factors in any network are listed below:
- Remote Access via the internet - Do you log in from home or from AAMI's assessing centres to your system?
- Login passwords - Do you have strong passwords made up of upper-case and lower-case letters and numbers/characters, or do you just use the same as your login or, worse still, no password?
- Keep an eye on your usage meter from your Internet Service Provider to see if you have unusually high data usage that has suddenly changed.
- Make sure you have up-to-date AntiVirus and AntiMalware software on your computers, especially the 'one out the back in the paint room' (Guess where a lot of the virus/malware originates - just have a look at the screen saver on it)
- ADSL modem/router - Does it have a proper firewall and is it up to the standard of today's business requirements, or is it just a cheapie?
- Website hosting - I know it's there on that server somewhere in 'The Cloud' but have you got a copy yourself in case they lose it?
- Back up your files - Are they backed up and taken off site regularly?
In the words of the concerned forum poster, "You really need to take things into your own hands. That's fine if you're capable in this area but a lot of people aren't."
If you don't know how to protect yourself and your data, you need to speak to someone who does know, as soon as possible, if not even sooner. Because, if you don't, you could easily become another statistic.
It is time NOW to take your computer and internet security seriously. You have been warned!!
Motive IT are specialists in design and infrastructure, and the continuous management and updating of computer systems in the Collision Repair industry. Why not give us a call if you don't have someone who can assess your system protection? Or if you do have someone, but you're not sure if they are up to the game, we'd be happy to give you a free assessment.