Webserver hacked
FTLComm - Regina - Thursday, June 24, 2010
Regular visitors to this web site will have noticed that we have not posted since Tuesday of last week and actually were offline Tuesday, Wednesday and most of Thursday this week. On Wednesday of last week we were on a road trip to Winnipeg and had not planned to post until Monday of this week but alas we were hacked.
Having a web server attacked is not an uncommon thing, in fact it is now the normal thing that every web service provider has had to come to terms with. During the course of Ensign's existence we have survived many hackers but some have caused us a lot of grief. Last winter our domain name server was relentlessly attacked for several weeks and that resulted in part of our organisation having to spend endless hours building up defences to protect the domain name server.
No one is actual able to explain who or what sort of monsters who are out there in the vapour world who launch these attacks nor to we know what their motives are. The most common theory is that they are illegal operatives attempting to subvert legitimate servers to use them for illegal purposes. We had this happen to our e-mail server almost two years ago and it was a serious problem also requiring expense and a huge amount of time to repair the damage and build more secure systems.
At 1:13 AM last Friday after hammering away at our web server, perhaps for hours attempting to break in, using various possible passwords and various hacks they finally damaged the file system that controls the access passwords allowing us to remotely update web pages on the server. We knew something had happened Friday morning when we discovered that the webcam was offline. It accesses the server every minute uploading a picture and will stop posting if their is a power failure in Tisdale but there had been no power failure so that meant an attack had occurred. Friday afternoon we suspected an attack but it was not only I attempted to update this site that we knew for sure things were broken.
As with the mail server and the domain server the only solution was to take the server down and rebuild it with updated software. The webserver was still serving web pages but would not accept updates. So Tuesday night it was shut down and that evening and Wednesday night it was upgraded and rebuilt. As of now it looks like it is back to normal.
We are a tiny tiny player in the scheme of the Internet, just imagine the massive cost this sort of thing impacting on the Internet as a whole. Nothing on the Internet is so secure that with enough time and persistence by a bad guy, everything can be overwhelmed. Government, businesses big and small all are attacked repeatedly. At one time these attacks were the work of goofy geeks just doing it for the fun of it but now the attacks are criminal intent, some are orchestrated by government and others by rouge corporations or organisations. One way or another it costs all of us some of our freedom and a lot of time and money.