Jump to content

Recommended Posts

Just letting everyone know that the other day there was a cyber Attack on a server here in the states and there are millions of websites that are down temporarily.  Engineers working for the server have shut down millions of websites to protect these websites. My website, goldseekerbooks.com is temporarily shut down until the engineers resolve the issue. If anyone has tried to go onto my site, or if you have not been able to go onto any other sites give a word up on here. I will let everyone on here know when they get it back up and running.

Any questions let me know and I will see if my web hosting company can shed any light.

Thanks, Reese/ Goldseeker5000

The Nugget Shooter's Field Guide

  • Like 3
Link to post
Share on other sites

Here is the new update. This was the 10th web data center hit this year with ransom ware. All web hosting companies have to rebuild everyone's websites. Luckily my web hosting company wasn't directly hit with the ransomware but they shut everything down and went with another data center. With this taking place, they also have to pull up backup files of the built websites to help shorten the time to get everyones websites rebuilt. Terry at my web hosting company said it sure seems like someone is trying to target Americas e-commerce industry. Steve, be alert. You might want to back up things with your forum in case the data center your forum uses gets hit. Terry said no one who has websites thru Website Express, which mine is, was directly affected. They took emediate action to protect their customers.

Screenshot_20201119-113909.png

Screenshot_20201119-113939.png

Screenshot_20201119-113955.png

Screenshot_20201119-114116.png

Screenshot_20201119-114127.png

Screenshot_20201119-114147.png

  • Sad 1
  • Oh my! 1
Link to post
Share on other sites

I do not pretend to be expert in this kind of thing, but people I know who run websites say that a huge number of other websites choose not incorporate a level of security that todays (e-commerce among others), sites require to be able to stay secure from these hacks. 

Is it the expense involved or a lack of understanding about how vulnerable web sites with no security protection are?

I would love to learn more although perhaps this is not the forum for it.

Link to post
Share on other sites

Yup, you've just got to keep your servers patches up to date much like you do with your home computers Windows or macOS. 

Hosting companies have dedicated staff to manage this situation and like everything, your only as good as your staff.  So many servers sit there for months or even years with no maintenance and become very venerable to attack or just run a variant of an operating system that poses more risk.  Your server host probably took down their servers so they could quickly go through and run all the patches on them to get them up to date and restore all the encrypted websites from backups.  It's usually only a day or two after vulnerabilities are found that a patch is made, often the vulnerabilities are found by people wanting to earn money by finding them, they spend their time finding any weakness they can and Google for example will pay them good money if the venerability is related to their software, up to 150k per bug, see this story.  People who are good at it can make quite a substantial living off finding vulnerabilities, it's called a Bug Bounty hunter, see this story and a good majority of these security holes are found and patched long before they become public knowledge, once they do though the shady people use them to make things like random-ware knowing there will be bucket loads of out of date servers out there for them to target.

A majority of hosting companies are pretty good and keep up to date with security and have little problems with this sort of thing, more commonly the problems are DDoS attacks which flood the server with traffic from zombie computers which makes it so slow it denies access.  This is harder to deal with as the traffic comes from random sources, usually personal computers that have been compromised by again, not being secure with updates or by some kid installing a dodgy hacked game with a venerability injected into it without the kid knowing.

This is why Microsoft with Windows 10 home version has now forced updates and make you reboot within a short time after doing the updates.  Too many people with older versions of Windows especially dodgy copies disabled updates or delayed doing them too long which helped the DDoS attackers latch onto these venerable machines and use them to flood websites.

Link to post
Share on other sites

I hate to say it but this kind of thing is so continuous that it’s not really news. It’s always going on, a continual state of battle. So it’s not like fix this and move on... it never ends. Patches and backups are just a way of life if you intend on being online.

  • Like 2
  • Thanks 1
  • Sad 1
Link to post
Share on other sites
12 minutes ago, Steve Herschbach said:

Patches and backups are just a way of life if you intend on being online.

...So it pays to stay current and vigilant. It is amazing how many important sites are not either.

Link to post
Share on other sites

Website is back up and running smoothly. Had an order come through 20 minutes ago. I stayed on the phone with him to make sure everything went well. It did. Fast & easy

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...