source: kuenselonline.com
Content management systems not updated led to problem
Internet Service Provider 19 June, 2010 - Local internet service provider (ISP) Druknet is currently recovering, after 50 of its websites were hacked early yesterday.
Users trying to access certain websites hosted by the ISP were greeted with a blank home page and a message that said the website had been hacked.
Although some of the hacked websites were back online by afternoon, many websites were still down as of last night. Druknet’s web server, on which the websites are stored, was also taken offline periodically throughout yesterday.
The hacker or hackers had exploited websites designed, using free open sourced content management systems (CMS), like Word Press, according to Druknet.
The ISP’s general manager, Tshering Norbu, said the problem lay with customers not updating their CMS with security fixes that resolve flaws. “Customers pay a designer Nu 20,000 for a website and then just leave it static,” he said, “Usually all the designer does is customise the CMS and sell it.” He added that 95 percent of the websites hosted by Druknet do not have their content management systems updated regularly.
He pointed out that hacking websites, using outdated CMS, can be quite simple, because such information is available on the internet.
The websites of almost all financial institutions were also hacked, sparking fears among internet banking customers. But Tshering Norbu said the fear was unwarranted. He explained that Druknet only hosted the home page of the financial institution’s websites. A separate server, located at the financial institution, contains customer information, such as account numbers and financial data. He said that such servers usually had advanced security mechanisms in place. Bank officials confirmed that customer information had not been compromised.
Druknet officials said the damage caused by the attack was minor, since it was limited to the home pages of websites.
But Druknet also acknowledged that the security flaw is being taken seriously and will be followed up with an investigation. “First we recover the sites, then investigate,” said Tshering Norbu. Druknet will also prioritizse getting customers to update their CMS.
Druknet also acknowledged that a motivated hacker with advanced expertise could exploit the security flaw to manipulate data or steal information. “It depends on the skill, this time it was limited to editing scripts,” said Tshering Norbu.
“It was probably for fun, to grab some attention,” said Tshering Norbu on a possible motive. Druknet officials dismissed the idea that it could be a Bhutanese hacker.
In April last year, government computers were hacked by by an international cyber espionage network called GhostNet.
By Gyalsten K Dorji
No comments:
Post a Comment