Aardvark Daily aardvark (ard'-vark) a controversial animal with a long probing nose used for sniffing out the facts and stimulating thought and discussion.

NZ's leading source of Net-Industry news and commentary since 1995
Australasia's "New Economy" News And Commentary Site
Headlines | XML feed | Contact | New Sites | Press Bin | Job Centre | News Search | For Sale
Note: This column represents the opinions of the writer and as such, is not represented as fact
Oops, You've Been Hacked! 6 December 2001 Edition
Previous Edition

Million $ Ideas
At last, the contents of Aardvark's "million-dollar ideas" notebook are revealed for all to see!
Click To See
What do you do if you find that your, or your customer's websites have been hacked?

While it might be tempting to curses and swear, then hope that nobody has noticed -- that's probably not going to save the day.

Of course if you act very quickly, and have superb recovery systems in place, you might just get things back to normal before anyone notices -- but this is unlikely. Hackers tend to strike in the middle of the night when you and your support team are tucked away in their beds. Unfortunately the rest of the world is wide awake and probably spreading the word before you've even thrown the alarm clock across the room.

Need Cutting-Edge Copy?
As NZ's longest-running online commentator, I'm looking for extra syndication opportunities for this daily publication -- or I'm happy to write casual or regular material specifically to order for print or Net-based publications. If you're interested, drop me a line

Here are my tips to handling the situation, should you be faced with having your site, or sites you are responsible for, hacked.

First up -- if news has already gotten out -- don't bother denying it. If you say "no, we haven't been hacked" then the clever people will wonder if you can even recognise a hack when you see one and such a statement will reduce the credibility of any further claims you might make.

Readers Say
(updated hourly)
From Yesterday
  • Pentagone... - Anon
  • Have Your Say

    Secondly, remind yourself, your customers, and anyone else who is interested that there is no such thing as an "unhackable" website.

    If you've been hacked then you're in damned fine company. The New York Times, The Pentagon, Nasa, The FBI, Yahoo, and even Microsoft (on numerous occasions) have all fallen victim to hackers that have defaced their websites.

    The reality is that no matter how much time and effort you spend in shuring up your defenses against hackers, there's no guarantee that your (or anyone's) site won't get hit if you're unlucky enough to be the victim of a persistent and well-equipped cracker.

    Don't get me wrong -- of course you owe it to yourself and your customers to make absolutely sure that any website you administer is as bullet-proof as possible. All the available security patches should be applied, regular password qualification and updating regimes must be in place, and even the physical security of your installation should be considered.

    While it might seem like a total disaster that some pimple-faced geek-kid half a world away has turned your website into his own personal graffiti zone, such an event need not be a total loss.

    If your backup and contingency systems are up to scratch, you will have the chance to impress your customers by restoring things back to normal in a very efficient and professional manner.

    There's also the chance to get a good dose of free publicity.

    Tell the media how you were able to put things right in the blink of an eye (assuming this is the case) and make it clear that the attack has allowed you to further strengthen your defenses.

    When some websites operated by a local developer were hacked yesterday, I doubt that any other website operators or hosting companies were rubbing their hands with glee -- because they know that if the hackers had picked on their machines, they might have found themselves in the same boat.

    Remember -- even if all the known bugs in your OS and webserver are patched -- you don't know how many "yet to be discovered" security holes are lurking, just waiting to be exploited by some dork who wants to show off.

    Save The Aardvark Fund
    Yes, I have had several donations to the Aardvark fund and I thank those who put their money where their mouse is :-)

    If guilt is gnawing away inside you then there's still time to donate.

    Just drop by and hand over your loot.


    Free News Syndicated From 7amNews.com
    Add it to your own site
    Net/Tech

    MP3/Net-Music


    Add Aardvark To Your Own Website!
    Got a moment? Want a little extra fresh content for your own website or page?

    Just add a couple of lines of JavaScript to your pages and you can get a free summary of Aardvark's daily commentary -- automatically updated each and every week-day.

    Aardvark also makes a summary of this daily column available via XML using the RSS format. More details can be found here.

    Contact me if you decide to use either of these feeds and have any problems.

    Did you tell someone else about Aardvark today? If not then do it now!

    There are new Vacancies Last added 2 Oct In The Job Centre

    There are 14 Domain Names for sale

    Latest
    Security Alerts
    Admins asked to check buggy line printer daemons (AAP - 08/11/2001)

    New vulnerability exposes Excel and PowerPoint macros ZDNet - 29/10/2001)

    Microsoft tightens software security (CNet - 16/08/2001t)

    Code Red Worm A 'Runaway Success' (7amNews - 20/07/2001)

    Latest
    Virus Alerts
    Hybrid DDoS worm strikes MS servers (ZDNet - 23/11/2001)

    Finaldo worm on the crawl (ZDNet - 09/11/2001)

    Tripple-threat Worm Strikes (Aardvark - 19/09/2001)

    Bookmark This Page Now!

     

    MORE NEWS
    NZL Sites
    IDG.Net.nz
    NZ Netguide
    NZ Herald Tech
    PC World NZ
    Scoop
    NZOOM Technology WordWorx

    AUS Sites
    Fairfax IT
    Australian IT
    AFR Tech
    AUS Netguide
    NineMSN Tech
    APC Magazine

    USA Sites
    Wired.com
    CNet
    CNNfn Tech
    TechWeb
    Yahoo Tech
    ZDNet Tech
    USA Today Tech
    7am.com SciTech

    UK Sites
    The Register
    BBC SciTech

     

    The Day's Top News
    Open in New Window = open in new window
    New Zealand

    Open in New Window Corporate customers the winners in Voyager changes
    The closure of ISP Voyager's consumer arm will force 11,000 users to find connection elsewhere, but parent company MCI WorldCom says corporate customers should look at the move as "good news"...
    IDG

    Open in New Window 3months wins govt site redesign
    A Wellington software development company that tries not to accept any project that takes longer than three months to finish has been awarded the contract to redevelop the e-government website...
    IDG

    Other

    Open in New Window 'Goner' Today, and Forgotten
    This week's "Goner" e-mail worm was wonderfully hyped by the antiviral companies whose business relies on protecting Internet users from sad-sack e-mail worms like Goner...
    Wired

    Open in New Window Taking Curl for a Whirl
    Some of the best minds at MIT, including Tim Berners-Lee, are working on a new Web-building technology called Curl. It faces a host of challenges, including Microsoft stomping it to death...
    Wired

    Open in New Window rity Advisory Site Suffers Attack
    The Web site of the Computer Emergency Response Team (CERT) is undergoing a distributed denial of service attack, officials at the federally funded computer security clearinghouse confirmed today...
    NewsBytes

    Open in New Window U.S. Approves New 256-Bit Encryption Standard
    The U.S. government has updated its encryption standard for computer transmissions, replacing an aging standard first put in place in 1977, the Commerce Department said on Tuesday...
    Yahoo/Reuters

    Open in New Window Gates to take role of ad salesman
    Microsoft is ready to call out its big gun, Chairman Bill Gates, to pitch a select group of European ad executives on the software titan's ambitious online media efforts...
    CNet

    Australia

    Open in New Window Site matches marketers, consumers
    Australia Post is luring consumers to join a new marketing database by offering them $1 for every email or SMS "offer" they respond to...
    SMH

    Open in New Window Optus’ Xmas pressie to staff: forced annual leave
    Optus will force 1700 staff to take annual leave over the festive period, a move that will save the country’s second largest telco AU$14 million, according to Union officials...
    ZDNet

    Other

    Open in New Window New Video Screen Is Like Paper
    The picture is small, and it's far from crisp, but Dutch researchers claim they've taken an important step in the race for a video screen with the properties of a piece of paper...
    Yahoo/AP

    Open in New Window Internet anonymity for Windows power users
    Our previous article, "Do-it-yourself Internet anonymity" was targeted towards average Windows users. It generated a startling number of e-mail requests for some advanced tactics, which...
    The Register

    Open in New Window Get your filthy hands off my CDs
    By the middle of next year, the music industry will have put the controversy of BMG's bungled attempt to prevent Natalie Imbruglia's While Lilies Island CD from being copied behind it and will have thoroughly embraced copy-protection technology...
    The Register

    Open in New Window Yahoo defends intrusive ads, fees
    The Internet media company's recent efforts to make money--some of which have upset consumers--are necessary moves in the evolution of the medium, an executive says...
    CNet

    Open in New Window Web's Beginning to Sound a Lot Like Christmas
    The hills -- and elevators and airwaves -- are alive with the sound of Christmas music. Why should cyberspace be any exception?...
    Yahoo


    Looking For More News or Information?

    Google
    Search WWW Search Aardvark
    Try the Aardvark News Search page or look here.co.nz

    Privacy Policy | Copyright © 2001, Bruce Simpson, free republication rights available on request

    jet engine page