Aussie web host/registrar hacked

Security and data integrity/safety are 2 of my pet loves; and pet hates when people don’t take notice of them. Notwithstanding the fact that you host your precious data with someone who you think is responsible, you need to take responsibility yourself. If something happens to your data and you’re left out in the cold, YOU are the only one who can take responsibility.

Like the 4800 web site clients of Aussie web host Distribute.IT who have just had their sites hacked and data purged. Forever it seems, seeing as Distribute.IT apparently didn’t have proper backups in place:

Customers hit the Whirlpool forums to complain that Distribute.IT had not adequately responded with information about the break-in and that the hack “has probably killed my business”.

So no feedback from the ISP? Not unusual …

“At this time, We regret to inform that the data, sites and emails that were hosted on Drought, Hurricane, Blizzard and Cyclone can be considered by all the experts to be unrecoverable,” it said.

So we didn’t have backups …

“In assessing the situation, our greatest fears have been confirmed that not only was the production data erased during the attack, but also key backups, snapshots and other information that would allow us to reconstruct these servers from the remaining data.”

Everything was onsite with no off-site backups …

James Turner, security analyst at IBRS, said: “This could be the nightmare scenario that every small/medium businessperson working on the internet has in the back of their minds. If the attack is as described then the malice behind it is appalling.”

No James, what’s appalling is the lack of due diligence on behalf of the ISP. Attacks happen all the time and systems are continuously being compromised ( in part due to poor security practices and in part due to poorly designed software ) – that’s the nature of being online. We allĀ  have to deal with it and take appropriate measures.

Take responsibility!