Get hacked, get charged, get offline

This is a fictitious story about a small Australian business owner, let’s say a Dentist. One day she decides to spend her marketing dollars on a website, instead of an advert in the Yellow Pages (who uses that nowadays anyway?), the local business guide or the local newspaper. Smart woman! Now, a website can be quite expensive. Or it can be very cheap! She gets her little nephew to setup a brochure site (a practice I don’t condone as a web professional!). Nothing fancy, people only need to find information about her practice, a contact form, maybe a feedback form for a little interaction.

All goes well. Calls for appointments come in, business is good. Once in a while, she looks up herself on Google, to see if people can find her. She tweaks the content a bit for search engine optimization, gets linked on some local business sites, decides to spend some money on Google adverts. She’s pretty happy. Once the site is on a roll, she really doesn’t need to look after it any longer, it seems. Her little nephew points her out that her website traffic is booming, it’s getting a lot of hits it seems. Cool!

Then all of a sudden appointments fall back, people aren’t calling her anymore. Is this the recession? Are people no longer getting insurance, so they can’t afford the Dentist any more? This must be the GFC! But then she looks at her website traffic, and it has fallen down to nearly nothing. She sees some European and US visitors, which obviously aren’t clients, but no more Australian users. What has just happened?

Her site got hacked! It’s not something she would be looking for, not something she knows anything about. It’s a bloody simple website. Why would anyone hack her site? What’s the point? And it wasn’t obvious either, it’s not like they defaced her homepage with pink elephants or something.

This is the point where I’ll be talking Today and Tomorrow.

Today, when your site gets hacked and points to malware/spyware, your Google entry will tell users that your site contains links to malware. But if people want they can still click through, they can still find you. Google doesn’t tell the website owner her site is hacked though, you have to find out yourself. As the website owner, you can take appropriate action, clean up your site, get some professional help protecting your site. You can then let Google know when to index your site again, as Google clearly points out the procedure. This is a private company trying to protect it’s users from downloading malware to their computers. A noble cause, though it might seem scary for the small business owner who relies on traffic coming from search results.

And this happens very, very frequently. Even to the best of us. All software, open or closed, contains holes. Some holes are easier to exploit than others. Some holes are easy to fix and get fixed quickly, some don’t. A lot of popular software contains/contained holes, like popular content management systems, forums, development platforms,… So, as it turns out, a website does need maintenance. It’s not something that you’d put out there, and let it run. You need to keep a watchful eye on it. (and start out by using a web professional, not your nephew).

But Tomorrow, things will be different. The government will protect us, the web users. Someone must think of the children. Our own anti-virus, host and router firewalls, parental filters, OpenDNS, modern browser,… just isn’t good enough.

In the case of the Dentist, it turns out the Russian mob had injected content onto her site, advertising content deemed illegal under Australian law, and then spammed millions of users pointing to the content. Her site was put on the government blacklist, according to the media, without her knowledge. The list is (used to be) secret, so it’s not something you can query to see if your site is on it. And Tomorrow, it will be taken offline. You get hacked, you get (secretly) charged, and your website gets killed off.

As said, this is a fictitious story, but it does hold some elements of truth. Web pages from those morally objectionable characters of the likes of a dentist, a dog kennel (MaroochyBoardingKennels.com.au) and canteens.com.au (that is “school cafeterias”, not whatever your and ACMA’s dirty minds make of it) ended up on the actual official government blacklist.

Any locally hosted websites hosting content deemed illegal by ACMA (Australian Communications and Media Authority) must be removed by ISP’s and content hosts. If the site is hosted overseas (tip: if you are an Australian business targeting local customers, it does make more sense to host in Australia!), the ACMA adds you to a blacklist which Today is used by client-side internet filters, but Tomorrow it will be used by the Great Australian Firewall, the network level mandatory ISP filtering scheme currently on trial. It is not clear what the procedure will be (if there is any), for complaints received at ACMA, if and how ACMA will let website owners know they got complaints, if ACMA will allow website owners to fix any issues during a grace period…

Can we even imagine where this filter is leading us too? Do we really want to go there?

As a side note, compromised home computers are being used in the hundreds of thousands around the world in illegal activities, in botnets used for spamming, temporary hosting illegal content used by fast-flux domains. Will the government be blocking all these individual IP addresses too?

2 Comments

  1. halans · March 27, 2009 Reply

    And as it happens, the Classification Board website got hacked this week: http://blog.wired.com/27bstroke6/2009/03/hackers-deface.html and as of this moment still isn’t back online. They better make sure illegal content didn’t sneak in…

  2. halans · March 29, 2009 Reply

    Time Magazine has an article on the blacklist: “A Blacklist for Websites Backfires in Australia” : http://www.time.com/time/business/article/0,8599,1888011,00.html?xid=rss-business?iid=perma_share

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.