There was a massive and unprecedented DDoS (Distributed Denial of Service) attack last just week, which brought down the websites and hosting of popular Internet Companies such as Twitter, Paypal, Easy, Spotify, Reddit, Netflix… etc. To have been able to shut down all those websites via a DDoS attack required so many IP addresses. The IP addresses the hackers used were all from Internet-connected devices (Internet of Things) gadgets. Everytime you buy a household item that can connect to the Internet and can be controlled by your iPhone, it means that it has an IP address. So video recorders, refrigerators, cameras, baby monitors, etc. Someone executed a DDoS attack using these gadgets to take down a major US infrastructure. When you think about the implications of that, its very scary.
Here are some articles that explain the incident with more details:
- From USA Today, “How your DVR was hijacked to help epic cyberattack”
- From the NY Times, “Hackers used new weapons to disrupt major websites across US”
- From Popular Mechanics, “How Hackers wrecked the Internet using DVRs”
This incident helps us recognize that staying current and on top of security patches and updates is a good thing and something that we have implemented with our Client Websites in the last couple of years. We have religiously updated their websites CMS, components and plugins atleast once a year with the latest stable secure update. This means that every year their website has a brand new backend with less vulnerabilities.
Latest Server Vulnerability: Ransomware
Recently there has been a lot of discussions regarding a ransomware that targets Linux servers and deletes files. Ransomware is scary because hackers will shut down your website and demand payment. Because of this latest threat, our Server guys have requested to increase security on our servers.
For our other clients who are not hosted with us, please check your hosting server for the following: (for Linux servers only)
- Ownership / permissions for public files and folders
- SSH root login disabled
- SSH logins with sudo privileges
- Non-Standard SSH port
- SSH restriction to certain IP blocks if possible
- Firewall rules with ports and opened for required services only
- Security patching through Yum/Apt
For other servers, please check configurations with your Server System Administrators. Please note that if you are on a shared-server then your Server Admin should be taking care of your security issues.
Website Security Checklist
A few months ago, we asked our clients to install Firewalls on their websites. We did this because of the ever increasing cyberattacks that were happening.
Here is a CheckList of how you can better protect your website:
- Update your website / software constantly
- Use difficult Passwords
- Make sure your Admin access email is different from any published email on your website
- Change database table prefix
- Protect your database with a password
- Delete your installation folder / you can also rename this
- Install free and paid security plugins
- Use parameterized queries to prevent SQL injections
- When creating a form, strip out any HTML
- Minimize information on Error Messages
- Validation on browser and server-side to prevent scripting codes
- Penetration Testing
- Install Firewall
* These are security add-ons included in our security plugins, which we provided a few months ago.
For our clients who have not gotten the security plugins, its not too late. Please note that now more than ever, Firewalls are a must.
For clients not hosting their websites with us, send this checklist to your developer and make sure they implement it.
If you have any questions / clarifications, please do not hesitate to contact us.