API Network * Any site can be hacked


	HOME \| ABOUT \| SERVICES \| FREE ADVICE \| NEWS \| OPPORTUNITIES \| CONTACT US

Being Hacked

... Don't wait until you've been hacked to call someone. Getting a security assessment is simple and inexpensive. If you're willing to spend the time, you can do much of it on your own.

CMS-based Sites Are More Prone to Being Hacked

... is not an accurate statement.

If you run a website that uses Joomla, Wordpress, Drupal or any other content management system, that alone does not mean your site is more or less secure than any other website.

Here's the rule:

Any website can be hacked. A one page HTML-only website can be hacked, hijacked or defaced by replacing or appending the valid HTML with some trival iframe code. (We've included an example below to show how this might appear)

In the past few months, we've had many calls from people wanting help getting their CMS sites back online after they were hacked. Why the sudden rash of hacks?

Blame Google! (not really)

How it works: Someone finds an exploit in some code, maybe Joomla or Coppermine, and posts at a site like milw0rm. Keep in mind, these posts have no malicious intent. It's a discovery made public to help developers and end users make the necessary changes to remain secure.

But the reality is that 99% of the time, end users are more focused on business issues, not some single line of code in their site that now opens the door to hackers. With the exploit being public, said evil-doer need only ask Google to find those sites which contain the possible open door.

An Example: Coppermine

Like any content management system, Coppermine has had it's share of security holes. In this post [waraxe-2008-SA#065], Janek finds a vulnerability in imageObjectIM.class.php that allows attackers to execute shell commands with web server privileges.

To fix this, end users need to either patch their code or install the latest version of Coppermine. To exploit this, hackers need only find Coppermine sites running anything under version 1.4.15 which can be easily and automatically facilitated with a Google search. (A current search for "Coppermine" returns well over 122 million references)

So to stay secure, *someone* needs to keep your site current. That means watching for security bulletins and applying the necessary patches. Whatever your website is, make sure you have a real backup process that runs on a frequency that's appropriate for how often your data changes. DO NOT rely on a backup routine that's included with your hosting plan.

Specifically, a backup plan must be a written document owned by you/your company. If you can't print it, then you don't have a backup/restore plan.

IMPORATANT: You could get hacked today and not realize it for weeks. By that time, a weak backup process will have overwritten itself many times and restoring just means you'll get a different copy of your hacked site.

	Risk Assessment If your site is more than a year old, you should take inventory of what you're running. It's not an elaborte process but it can save you plenty. Often, it's pay now or pay later. Get an Assessment