DealsDirect hit by Malicious code

Mark Freidin

23rd Mar 2010

DealsDirect was the victim of a malicious code attack on Friday 19 March when their banner ad server was hit by an SQL injection attack. Paul Greenberg, co founder of DealsDirect contacted us to let us know of the experience; “It was frustrating, a great learning experience, and no harm done to any customer. Incredibly, on the Sunday, thanks to a bit of free shipping offered to our customers, we had a very very very strong day of sales. I guess any publicity is good publicity as long as they spell your name right! Well, of course, I am being flippant and we are dealing with reputation management this week, communicating with our customers, and key stakeholders, suppliers and partners. Everyone has been incredibly supportive, and as they say, what doesn’t kill you makes you stronger.”

What happened:

Between 4:00am and 6:30am on Friday the ad server was serving some banners with a link in them to malicious content on another website. The server was shut down and removed all references to it from the site. The IT team  had to work with Google for another seven hours before they could remove DealsDirect from their blacklist.

Mark Cohen, CIO noted that nobody gained control of any of their servers and at no point was any customer data exposed. Additionally, it’s worth mentioning that all third party software is kept apart from their core systems for exactly these reasons.

Lessons learned

Until a siteowner has been attacked or hacked in some way, there tends to be an oblivious way of thinking, which is understandable as ‘you don’t know what you don’t know’. If you are a  business with an online retailing presence and you outsource your hosting, IT support etc, you may think that your host has all security under control. WRONG! There are certain things you need to do to ensure your site remains as secure as possible. One of the main causes of malicious attack to sites is when modules that have vulnerabilities are not updated, you open yourself up to all kinds of risks. Maintaining your site is something that needs to be left to those that know what they are doing. If you are not sure, ask your web developer or your host what you can do to improve your site’s security. Remember that in Australia, trust in buying online is still a shaky issue for many consumers, so if you get hacked, you have some dancing to do to convince customers that they are safe, and deal with your damaged reputation, as the team at DealsDirect has done. Oh! and remember to have regular backups of your site and database in different locations in case you cannot recover your site.