Yes Virginia, There Is a Hacker…
We went to quote out a new firewall for one of our clients this morning — and found the vendor’s site had been hacked.
Since we had some behind-the-home-page links in our browser’s history, we could see that only the home page had been defaced. So, we called the vendor and they immediately took the entire site down to fix things.
While it might seem a little ironic (if not somehow darkly entertaining) that a company selling firewalls for a living got hacked, there are a few old-school lessons here worth repeating:
- A great firewall, even correctly configured, isn’t enough to protect you entirely from external threats.
- A great firewall, even when configured with gateway anti-virus, anti-malware, intrusion prevention and a bunch of other propeller-head acronyms, isn’t enough to protect you entirely from external threats.
- All of the applications exposed to the Internet (web, email, ftp servers etc.) need to be kept up date with security patches too.
- Automated monitoring–of web sites and log files–would have given the company’s system administrator a near-immediate heads up that something was wrong. As it was, the hacker had put a visitor counter on the hacked home page, and 18,402 unique visitors had already been to the site before we arrived (and before the company was aware they had been hacked).
None of these protections cost much in the way of system administration resources or hardware/software costs, (though they do require a fair amount of expertise to implement properly) and very well might have prevented this hack.
Damage to a hacked company’s reputation can cost a lot more than a new firewall for sure. When you take credit card payments, the legal requirements for dealing with a breach can result in astronomical costs.
All of which is a long way of saying that if you haven’t looked over your company’s security posture recently, now might be a good time to give us a call.
Take care,
Mark
September 23rd, 2009 at 4:30 PM
Great post! Keep ‘em coming!