UPDATE: Apparently it wasn’t Lulzsec that attacked Distribute I.T., it was someone else. Also, seemingly as a result of the attack, Distribute I.T. have been sold to Netregistry. How the company was hacked in the first place is not clear, but as it was not Lulzsec, then one can assume it was someone who had a good knowledge of the company. As they not only took down the main servers, but also the backups too, the intent was clearly malicious and premeditated.
The web host Distribute I.T. has been hacked, and at least 4800 Australian websites have been lost with no chance of recovery. According to the group, four of the company’s servers were “unrecoverable”. As reported by Fairfax Media last week, Distribute.IT was hit with a “deliberate, premeditated and targeted attack”. Customers hit the Whirlpool forums to complain that the company had not adequately responded and the event “has probably killed my business”, said one user.
The problem for most people with websites is that this would have been way outside their area of control. Unless you have a VPS or something similar, most businesses on shared hosts will be easily exposed to this sort of thing.
So what are the lessons from this event?
- Use multiple log usernames and passwords. It is a major pain in the backside, but you should have different log ins for your PayPal, Website back end and your host. When a system is compromised like this, the hackers will almost certainly have taken all the user’s email addresses and passwords.
- Make sure you have all your web details written down. Who is your host, who controls your domain, what are the usernames and passwords etc. If you need to switch hosts quickly, can you pass all the information needed along to developer fast?
- Back Up. Everything. You should have local copies of all important emails. You should also have local copies of all websites and database information. If you don’t have it, you should ask for it from your web developer.
- This includes a back up host. Could you roll into a new host at a moment’s notice? Not only in moments like this, but also what if the host goes belly up? What do you do then? There are plenty of cheap hosts available out there, just have a mind for one of them. Most businesses actually use two hosts and don’t even realise it, just because they have used different web developers over time.