jimji - 1:14 pm on Sep 27, 2010 (gmt 0)
Well, I do not wish to cause the business that had the problem any harm, so I'll do the best I can to answer the question of what happened.
40 sites on one server ...
"... had all primary & addon domain folders defaced by the attacker.
All files on the server beginning with "log" were removed from the server by the attacker.
A number of logging systems and files were affected by the attacker."
In addition we were informed of this:
"Unfortunately, our backup systems were also affected by the removal of all files beginning with "log" so we were not able to restore these files. These would be files such as "logo.gif", "login.php", "log.txt", etc. These files will need to be manually re-uploaded to your website."
Would this attack be viewed as a normal, run-of-the-mill type of attack that would be pointless to bring to the attention of the authorities?
I'd like to to quote somebody from this article that was published in PCWorld.
Steven Chabinsky is the deputy assistant director of the FBI's cyber division.
He also asked that people report intrusions as "a civic responsibility. The FBI cannot be successful without victims coming forward and providing their assistance."
Now I don't know what he feels a "victim" is, but I sure felt like a victim a little bit back and I suspect there may be some 30 plus other owners that felt like victims. Some of those sites may have the same owner, so we'll be conservative as to the number of "victims".
On the other hand, maybe Agent Chabinsky was meaning that only real victims need come forward, not so-so victims. That we must take some measure of how much of a victim we are.
Me, I don't really know. That's why I'm asking these questions and trying to get a handle on all this business of judging the degree of a crime and whether it should be reported or not.
But I do know one thing, if somebody throws a rock through a window of a business down the street and it was thrown intentionally, there would be a report filed.
Now if it was an accident, that's a different matter, right?
But that hack as outlined above sure was no accident. Do you reckon Agent Chabinsky would post a message here in this thread that the crime committed as outlined above need not be reported?