|Hacking a Web Host's Server Is .|
Hacking a web host's server is so common that most of these criminal acts are not reported.
Is that statement above true?
If it is true, is there any way for this to change?
I thought that hacking into a web host's server and defacing landing pages, or removing files, etc. was a federal crime in most nations.
I was informed that was the case in the United States of America. How about your country?
I am not going to expose on whose server this occurred and I will not confirm or deny any guesses to that affect in this thread.
I do not wish to cause harm to anyone, but I am very concerned with a situation where a crime is so common that it's of no use to report it. That to report the crime causes more harm to the company that reports it than the harm caused by the criminals because the server upon which the crime was committed needs to be removed from the building in which it's supposed to be to do its job.
I am extremely concerned that a company owner feels that I, a customer, am doing harm by searching for answers like those I am asking here. That I am a troublemaker being "dramatic".
I am concerned about a community, The Net, that feels it's the price one must pay to do business on the Net -- let the criminals go free. Don't bother to report a crime.
I have been informed that the company does not have enough information to report the crime. How could that be true?
I would really appreciate some feedback people, because I am very confused.
Many organisations do not wish to reveal weaknesses in their systems. Even back in the 70s when I worked as a clerk in a bank it was most unusual to prosecute staff fraud for the same reason.
Also limited law enforcement resources are most likely going to be concentrated on dealing with things like kiddie p*rn and other complainants will probably get pushed towards civil action even for criminal matters.
On most IT matters European law is stricter than American.
was a federal crime in most nations.
If Wikipedia is correct only a minority of nations have a federal form of government
Yes, you are quite right, piatkow, a bad choice of vocabulary, federal.
I was trying to indicate central government, as in the highest legislature or lawmaking body of the nation making the particular laws for that particular crime.
So national, federal, central might be a way to make the point.
To move on, I understand completely about limited law enforcement, but isn't it against the law not to report a crime?
By the way, I realized that I did make one big mistake in my post up there. I took for granted that the owners of the web hosting company were correct when they stated law enforcement authorities would remove the server from the data center to study its contents. I have since been informed, and I thank that member for the information, that may not necessarily be true. Except the member admitted to not being familiar with enough cases to be sure about all, or most. Just with one that she was personally involved in.
So I am wondering if indeed law enforcement agencies would actually cause such harm to the web host company that the idea of cooperating with law enforcement receives another minus in the minds of the owners on top of all the other problems associated with reporting the crime.
As I wrote to the owners of that company, if they keep on turning the other cheek, so to speak, the criminals are simply going to keep attacking them, aren't they? Those same folks have been attacked at least once before and I have received word, although unsubstantiated at this time, that they have been hit twice in the past three years. Well, that would be three times, now.
And these folks are not a GoDaddy-size operation.
I just don't see how one can help stop a criminal operation if the crimes committed go unreported. That doesn't seem like the responsible course of action. Not socially correct. Not socially responsible. Sure the world isn't perfect, but that doesn't mean we have to give up, does it? The criminal element wins when people start to give up.
I also don't understand how an audit of the security breach can be accomplished if the web hosting company does not provide all the information they have about the security breach. In all honesty, these are not my brothers, so how can I be 100% sure they are telling us all we need to know?
I just don't know, so that's why I'm asking here and will evetually send a letter off the the Director of the FBI in the United States, where this company is located, and ask him what is wrong if a company feels it's more to their advantage not to report a crime. Especially a crime that affected 40 websites all at the same time.
Somehow the United States FBI must be doing something wrong. People are more scared of what they will do to the company than what the criminals will do. That can't be right.
A clients site was recently hacked. I'm fairly certain the hacker came in through the shared server of the host. In the end, the simplest course was to remove the hack and make the client happy - if not a bit more wary. I encouraged the client to stay with the host since this sort of thing is not uncommon. Changing hosts is no guarantee. Unless the client is willing to step up to dedicated hosting, it could happen almost anywhere.
Yeah, I may be apathetic, but I have better things to do with my Saturday's than try to track down the source of a hack. For me the solution is to fix it and move on. And just to be on the safe side, it's time to change some passwords... again.
I've had this happen a few times. Fix it, and move on. Probably the source of the hack is going to be on the other side of the world, in a country where lawlessness abounds - I've got 0 chance of accomplishing anything anyway.
|I've had this happen a few times. Fix it, and move on. Probably the source of the hack is going to be on the other side of the world, in a country where lawlessness abounds - I've got 0 chance of accomplishing anything anyway. |
|but isn't it against the law not to report a crime? |
I do not follow very well. First of all report it where? So I am a site owner I check my server logs, I see hack attempts (hundreds of them, on one site daily). Report what and where?
I also get hundreds of phishing emails (malware attachments etc) daily for just few domains I control directly. Again report what and where?
Can you be a bit more specific? If you mean I should report the attempts to my host or the host who initiates attacks, then that is common knowledge. They know because it happens continuously and reporting it nothing happens. And who are you going to go after and with what resources? Legal proceedings aren't free and it's highly unlikely to target the right entity.
So there are some organizations who deal with these matters because there is a certain financial benefit behind and they will accept reports you file. But even that requires certain knowledge and still takes considerable time.
|Probably the source of the hack is going to be on the other side of the world, in a country where lawlessness abounds |
Yes, or the hack can also be right from your system if it's compromised in some way.
I believe I mentioned in a similar thread that the closest entities they could do something about it, are the browser vendors. Most of the problems originate from there, because these are the tools people use to surf. Improving the security on browsers and educating its users, will surely reduce the hack incidents.
One hardens their server. One takes all precautions.
Like dealing with flies at a barbecue... you swat 'en,
Then one deals with CRIMINAL as it occurs.
No brainer in that regard. It is getting "your" local authorities involved in pursuit of the bad guys that is the most exercise... too few COUNTRIES are able to successfully allocate prosecution for cyber crime.
Well, I do not wish to cause the business that had the problem any harm, so I'll do the best I can to answer the question of what happened.
40 sites on one server ...
"... had all primary & addon domain folders defaced by the attacker.
All files on the server beginning with "log" were removed from the server by the attacker.
A number of logging systems and files were affected by the attacker."
In addition we were informed of this:
"Unfortunately, our backup systems were also affected by the removal of all files beginning with "log" so we were not able to restore these files. These would be files such as "logo.gif", "login.php", "log.txt", etc. These files will need to be manually re-uploaded to your website."
Would this attack be viewed as a normal, run-of-the-mill type of attack that would be pointless to bring to the attention of the authorities?
I'd like to to quote somebody from this article that was published in PCWorld.
Steven Chabinsky is the deputy assistant director of the FBI's cyber division.
He also asked that people report intrusions as "a civic responsibility. The FBI cannot be successful without victims coming forward and providing their assistance."
Now I don't know what he feels a "victim" is, but I sure felt like a victim a little bit back and I suspect there may be some 30 plus other owners that felt like victims. Some of those sites may have the same owner, so we'll be conservative as to the number of "victims".
On the other hand, maybe Agent Chabinsky was meaning that only real victims need come forward, not so-so victims. That we must take some measure of how much of a victim we are.
Me, I don't really know. That's why I'm asking these questions and trying to get a handle on all this business of judging the degree of a crime and whether it should be reported or not.
But I do know one thing, if somebody throws a rock through a window of a business down the street and it was thrown intentionally, there would be a report filed.
Now if it was an accident, that's a different matter, right?
But that hack as outlined above sure was no accident. Do you reckon Agent Chabinsky would post a message here in this thread that the crime committed as outlined above need not be reported?