Customers advised to change passwords and scan websites for malware due to increased hacker activity
Over recent weeks we have noticed a huge increase in hacking attempts against our servers originating mostly from China. You may not be aware or have noticed that in recent years the majority of hacking attempts and surveillance queries are coming from IP addresses originating in China. Chinese hackers are becoming the most common and pervasive pests as evidenced by the US government’s Titan Rain investigation covered in this article in Computerworld. More recently, Google has expressed serious concerns about hacking attempts originating from China.
Unfortunately the government in China does nothing to stop or even discourage hackers or their illegal activities. As such, we must protect ourselves from the Chinese hackers and content thieves. We have therefore now made the decision to implement a number of IP block lists which will actively block large amounts of traffic originating from IP addresses in countries which are known for most of the hacking activity. This includes China, Korea, Nigeria, Russia and parts of south America.
As a result of this increased hacker activity there has also been an increase in the number of customers websites and email that have been compromised, largely due to their having weak passwords which have been easily hacked through basic brute force dictionary or rainbow table attacks or through vulnerabilities in their website itself.
Through our investigations we have discovered that a large number of customers have files within their websites which are allowing attackers to upload malicious code and scripts. This includes outdated and insecure CMS systems with vulnerabilities and WYSIWYG editors such FCKEditor which contain known vulnerabilities in older versions, as well as other insecure upload and file managers or insecure copie sof ColdFusion CFIDE folders, and even test files which have been left on the server by developers.
We therefore strongly advise all customers to reset both their FTP and email passwords for themselves and also for fellow users/staff to do the same. A strong password should be a bare minimum of 12 characters or more, with upper case, lower case, numbers and special characters. You should always use a unique password for every service and website, *** DO NOT USE THE SAME PASSWORD MORE THAN ONCE ***
Here are some useful tools to assist you.
- Strong Password Generator – Use this handy tool to generate strong passwords.
- LastPass - Remembering complex/strong passwords is hard if not impossible, but you don’t need to. LastPass An excellent tool for storing and managing all your passwords and other secure information in one place, so you only have to remember 1 password, your LastPass password, and LastPass does the rest, including generating your passwords for you.
We also strongly recommend that all customers also audit/scan their website ASAP for any malware and if using any popular off the shelf CMS systems such as Mura, Joomla, Drupal, WordPress etc, to update to the latest version and to also subscribe to alerts for when these products are updated.
If you do not have the necessary skills to keep your website secure, then we recommend using SiteLock.
Don’t Lose Business From Hackers
SiteLock provides comprehensive website security for small businesses. SiteLock offers online businesses a smart, cost effective way to protect their business while increasing sales by over 10% through earning trust. SiteLock’s Trust Seal also provides customer confidence and has been proven to substantially increase sales and conversions, with 70% of web visitors looking for a verifiable 3rd-party certification before providing personal data.
Quick diagnosis of any harmful infections
or malware on your business website.
Team of experienced website surgeons to repair any injuries, infections and bugs.
Daily health check of your website to keep
it off Google’s blacklist.
An X-ray of your website that discovers security holes, and virus injections.
CLICK HERE for details and pricing.