I think blogs will be a pretty big target…
CNN.com – Will hackers attack 6,000 Web sites in 6 hours on July 6? – Jul. 3, 2003
WASHINGTON (AP) – The government and private technology experts warned Wednesday that hackers plan to attack thousands of Web sites Sunday in a loosely coordinated “contest” that could disrupt Internet traffic.
I was reading about this Wednesday–I even followed the story to the “official” contest website for these hackers. It looks to me (vaguely) like a hoax… But why take chances? If it isn’t a joke, I think blogs would be among the most likely targets. They’re prevalent, easy to find, relatively easy to break into, and the results of the defacing would be seen by many.
According to the contest rules, the participants must deface as many websites as possible. For control and verification of participation the marring will involve attaching content from a pre-specified, hacker-centric website to the homepages of violated websites. In other words, they’ve got this one site with content on it; the goal is to hack into your site and change your homepage to either be, or include material from, the hacker website. Referrer stats on the hacker site will then be used to identify and track the defaced sites.
It makes sense and seems pretty simple.
The simplicity and functionality of it are what give rise to my fear that it might not be a hoax. Using referrer logs to identify to what domain–and this is one of the rules, that the defaced site must be its own domain–content is being pulled is logical. It works. Most major websites watch their logs to see who’s stealing their content and bandwidth. Within this contest it will be used to keep score.
Hosting companies and ISPs are taking the threat seriously.
Since hearing about the threat on Wednesday I’ve talked to some of my contacts in the web hosting industry. They’re all taking steps to shore up their security and to recover quickly when and if their servers are hacked. For most providers, shoring up their security also means temporarily disabling some of their customers’ functionality (FTP, SSH, Telnet, and specific Perl, PHP, FrontPage, ASP, etc. modules). Most are strongly advising their customers to make local backups of their own sites.
It stands to reason that many in the blogosphere, by virtue of the facts that our sites receive a lot of traffic and the defacing would be very public, are potential targets. We wouldn’t be the most highly covetted of targets, no, but since the contest is about quantity rather than quality, I think we’ll be prime targets. Our sites are generally hosted on large virtual server networks. Thus, if a hacker enters the provider’s server at the point of one site, and his goal is to deface as many sites as possible, he’ll move through (and mar) as many of the sites on the compromised server/server farm as he can before being detected and ousted. It’s simply time- and effort-saving logic.
Whether this contest is a hoax or not, it would be a good idea if we in the blogosphere backed up our sites, including and especially blogs, to our own computers before Sunday. I can easily envision pulling up my blog to see that every single post was no longer home to my musings, but instead now carried some graphic from the hacker contest site.
[shudder]
I caution you: Please backup your site(s). Do this Saturday evening before midnight GMT… Then again before midnight in each US timezone.
If your blog is hacked and compromised, and you need help getting it back up and running, let me know. If I can help I will.
Oh no! This is truly a disaster. *looks at clock* And its 12:06 pm Saturday!
That is truly disturbing.
That’s–what’s it called?–sarcasm, right?