Hacked websites

Is a hacked website a problem for you? Read on..

Define "Hacked" please..

Ok, here we go. For most of us, "hacked website" means that someone did something to someone else's web property without authorisation, and the rightful owner got mad. On the unofficial "mad scale", they usually go "really, really mad". I won't discuss the history of the word "hack". Look around you – discussing doesn't lead to anything.

Typical results

The results of successful website hacking can, if we are really strict, be divided in two variants:

  1. The ones you see
  2. The ones you don't

Variant 1 was really popular in the late 90's, but lately we have seen various comeback attempts. More common on the local scene. Local in this case means that a motorcycle repair shop in the outback of southern Zimbabwe has a website that suddenly says "Die Satzumba – long live Mptanawe!!".

Variant 2 is of course really common nowadays, as you might have seen (no, you haven't..). Usually carried out by botnet herders. Botnets are like sheep growing money instead of fur. And someone herds them.

Agenda

Look at the result categories again, and now apply these two different "agendas" to them.

  1. "Look at me, I'm a bad*ss mother and I kick your ass any day. Internet got me into politics. Thanks, Internet!"
  2. "Don't look at me. I make money and you don't, so please continue to do what you do best – click on links."

Comparing the hackers behind these categories is something like comparing Bart Simpson with O.J Simpson. No, sorry…Bart can't hack, he's a cartoon. O.J hacked, and wasn't even near a computer. Brilliant! (Sorry for the jokes here, but you get the picture..).

Oh..what's with your computer?!

The first person ever to hear that question was a Windows user. I don't blame the user. It's just a simple fact that the most commonly used computers have an operating system made by a company that basically tries to make a toy out of an invention that otherwise does a splendid job in space shuttles, missile guidance systems, life supporting equipment, and nuclear power plants. It's not a toy, and users are usually not astronauts or engineers.

We have toys. Who could predict that we would have just one tool (one!), taking care of common tasks like

  • Watching porn
  • Applying for jobs
  • Sending money

You know where I'm going here – computer viruses. Yesterday a computer virus was just a play, and someone wanted to show how smart they were. Today, it's about money. A lot of money. There could be a mile-long post just on the topic of how viruses and botnets work, but I will let you and Google take that some other day. Short story: User clicks on link, computer gets infected, computer joins botnet, botnet is a resource generating income. A valuable resource can be bought and sold, or rented for a period. Or it can be used for creating new resources.

This is how you can be affected by a hacked website. I don't want to scare you (..yes I do..) but you don't even have to click on links. It's like Sierra Leone or the Inca trail. Just being there is bad enough. And for information, hackers don't buy server space and set up webpages to infect your computer. Why? Because a lot of webservers have operating systems made by that toy company I mentioned. But I won't put all the blame on them. Making bad software has almost become a sport, and a lot of companies are really good at making bad code. Not intentionally, but there's something called "time to market". Instead of setting up a harmful webpage, it's better to modify (hack) someone else's webpage. This can be an automated process, and the target is NOT only porn sites and bizarre forums. It's your favourite weather site or your football team's webpage. The more visitors, the more infected computers, the bigger botnet, the more income.

Website owners perspective

Let's say you run that popular weather site that just got hacked. Will you find out? Not immediately. But after a while, you may notice this:

  • Traffic is dropping
  • Income from sponsor ads is dropping
  • Competitors' websites get more popular
  • "Bad press" starts to show up

Finally, you hire some expensive consultant that says the server could use some updating. Last time was August…2004. And he also found a modified script that not only served the next week's weather, but also the next week's hidden iframe with a trojan downloader. Bummer. You pay the consultant and expect business as normal. Double-bummer.
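You don't need the consultant to spot that kind of iframe. The following is an added example, not from the original post: a small Python audit a site owner could run over the HTML their own server sends out, flagging iframes that are invisible or point at hosts they never approved. The sample page, the host names and the allowlist are all constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: a weather page with a normal embed, an injected
# zero-size iframe, and a known partner frame that has been hidden via CSS.
SAMPLE_PAGE = """
<html><body>
<h1>Next week's weather</h1>
<iframe src="https://maps.weather.example/radar" width="600" height="400"></iframe>
<iframe src="http://cdn.stats.invalid/in.php" width="0" height="0" frameborder="0"></iframe>
<iframe src="//ads.partner.example/slot" style="visibility: hidden; position:absolute"></iframe>
</body></html>
"""

# Inline styles that make a frame invisible or push it off-screen.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden"
    r"|(?<![-\w])(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)"
    r"|(?:left|top)\s*:\s*-\d{3,}", re.I)

class IframeAudit(HTMLParser):
    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed = set(allowed_hosts)  # hosts the owner embeds on purpose
        self.findings = []                 # (line, host, [reasons])

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        host = urlparse(a.get("src", "")).hostname or ""
        reasons = []
        if a.get("width", "").strip() in ("0", "1") or a.get("height", "").strip() in ("0", "1"):
            reasons.append("zero-size")
        if HIDDEN_STYLE.search(a.get("style", "")):
            reasons.append("hidden-style")
        if host and host not in self.allowed:
            reasons.append("unknown-host")
        if reasons:
            self.findings.append((self.getpos()[0], host, reasons))

def audit(html, allowed_hosts):
    """Return every iframe in `html` that is hidden or off the allowlist."""
    parser = IframeAudit(allowed_hosts)
    parser.feed(html)
    parser.close()
    return parser.findings
```

Run it against the pages as served (fetched over HTTP), not the files on disk, since the modified script may only add the iframe at request time.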

Your competition now has an advantage. Bad press has resulted in 40% of your loyal visitors now having another weather site bookmarked. And most people sitting behind corporate firewalls and webfilters will no longer see your weather site, just a "Naughty-you-trying-to-surf-to-a-bad-website" warning in their web browsers. Income from advertisement is falling down to numbers that are way too close to what you pay your webhost. You try to get more sponsors, but your emails are dropped at the front door by email filters that care about domain reputation.

Final advice

For users

  • Keep your computer updated with the latest patches
  • Be careful where you surf to
  • Don't run Windows with administrator privileges

For website owners

  • Be a little picky about webhosts. Choose the big names.
  • Make IT security investments that are in balance with your business and how it relates to trust and reputation. Just a little sign of website security with products like McAfee Secure or Arbisec Sitescanner will increase security and trust for a long time.
