Study - Technical
- LMS-SFC - Cyber
Security - DoriN
M note, Cyber Security
Dorin M Note, Cyber Security
Why an HTML and a CMS (Joomla)
Currently, I already have
over 25 years of experience in HTML and 15 years of use of
CMS (Content Management System) ...
Then there would be more
than 15 years of experience in cybersecurity to add...
Why did I mention these?
The technology, as perceived
by a user unaware of the requirements of
cybersecurity, is a beautiful one, a practical one, without too
many problems...
By unsuspecting I don't
necessarily mean the level of user knowledge... It is one
thing to be a user, another is to work dedicatedly in making
websites, web applications, etc. Dedicated means years of
effort and toil and not a few "student" papers, a
brochure-type web page or similar.
For those who work day by
day, investing tens of thousands of hours of their lives in
something like this, whether it is HTML or something else, whether
it is an effort justified by a hobby or hope or with a
result materialized in a material gain, everything is
something else, totally different ...
The same is the case of
the person who processes data for a company, whether it is
accounting data, or data about customers,
production products, commercial operations, contractual,
legal, etc... No firm, no institution will digest too
well a major loss of data...
Problems, problems and
again problems... This is the nightmare of the developer of
pages and web applications, this is the nightmare of the one
who processes any kind of data at the organized level.
A nightmare that arises
from the problems of the application used (no matter what it
is), from the problems of using the computer, of the
software used, from the problems of hosting, from the
problems of adaptation to the permanent evolution of the web
environment, from the problems of cyber security, from the
problems of the users, from the problems of the web
development trends, from the problems of the... blah, blah,
blah... A lot of problems...
But the saddest moment is
when you can lose your work of tens of thousands of hours
(no matter what it materializes in) ...
Yes, there is no real
physical loss, other than the reality in which you are
computerly zero and you have not made your backups, said
many.
But do you think it's that
simple?!?
The software world is a
world full of evolution... A forced evolution also due to
the evolution of the operating systems that attract the
modifications of the software used to materialize in the
results of our efforts, regardless of what they represent.
The web world is a world
much fuller of problems from the very elements of permanent
development and adaptation, independent of the webmaster who
cannot cling to a simple exploitation of software.
Problems that are easily
exploited by those who do harm, intentionally or not...
Problems that occur much less often in those who do not
really work completely on the web. But when you work only on
the web everything becomes similar to activity in the street
where any passerby can be attracted to intervene, in a good
sense or bad sense...
And, from here arise the
problems related to the malicious, to those who attack by
appropriating or doing harm to our work.
The first substantial
attack I recorded was in 2001... I was discovering web pages
made by myself, without any questionable scripts, full of
clearly malicious scripts.
The first elimination
effort was simple... In HTML you would only methodically
overwrite files and thus remove pages with inserts that did
not belong to my work and intentions. HTML didn't really
offer great insights to attackers.
But they came back...
Because it was obviously the hosting's fault... With the
study, with the preparation of the hosting, with the
insertion of possible protection solutions, etc., the
problems were solved little by little.
For example, I quickly eliminated development in PHP because it was an optimal way of insertion via hosting. JavaScript scripts were rapidly diminishing in their presence in the web pages I made. These scripts were quickly identifiable as the main input of the attackers, regardless of my efforts.
But these were true
problems of my website (dorinm.ro). What do you do with
customers who did not have the most vague interest in being
aware of the real problems (I will not describe any of these
because it is strictly the webmaster's problem but it is
good to note that the requests for new and new scripts were
increasing from one month to the next).
And regardless of the
technologies, regardless of the efforts, I was one, along
with those who published books in this field or populated
the solution forums. But they, the attackers, were many and
always at least one step ahead (which is still the case
today).
The fact is that I was
constantly accumulating, applying solutions permanently,
etc. in a crazy effort to have as few problems as possible,
possibly to compensate for the problems as quickly as
possible, as unnoticeable as possible for the clients.
But another problem
intervened, by permanently increasing the volume of my site,
being forced to switch to CMSs... It doesn't matter what
engine I used but I ended up at Joomla which has the
utilities I wanted and not necessarily the ability to
protect in terms of losing your work.
The problem, unnoticeable,
was that, in the case of CMSs, you will actually lose your
work for years and years... APT (Advanced Persistent
Threat) hackers are particularly intelligent, trained,
motivated, etc.
And I will only describe my last loss (there were 3 more, in the meantime, but I found justifications that made me get over the problems of that time) ...
A CMS, of that
moment... The work was going on, I was implementing in it
data for more than 5 years (in the case of my site),
graphics and exceptional possibilities, I was also expanding
it at the level of customers, blah, blah... And, pafff... I
lose control as an administrator... The site existed but I
couldn't work anything in it anymore...
Heh, heh, heh, I have
backups. At that time, I set the backup hosting utility to
periodically make backups to me (every three days, to lose
as little work as possible) on a total of 5 backups that
remained saved (covering a period of 15 days of backup,
during which I thought it was impossible not to notice a
problem).
What do you think came next?!?
Yes, I lost everything...
The hacker had infiltrated 8 months ago (I discovered this
later, studying the logs, blah, blah.) ... So, my backups
were long gone...
My first hacker
appellation was in 1999. So, I had the resources to find the
unconscious that had destroyed my work. But what's the
use... Mine had gone... And I became his nightmare (and that
of his friends), destroying for three years any attempt by
him to attack other innocents.
The moron was just
destroying and, what is more interesting, that he did not
even know what he had done to be able to recover my work
("studying techniques", as justified in a direct dialogue,
because I physically identified him and visited him
personally - attention, I just offended him, a lot, OK, very
much, because he did not really know English, that Romanian
no way and I did not break his head or at least give him a
slap for his unconsciousness - I just left defeated by fate
because, since then, when I had at least over 150,000 unique
IPs per day accessed, now I crawl to jump by an optimal, I
am no longer indexed by Alexa in the first 150,000 websites
on Earth, etc...).
But the meeting was still
constructive because I quickly eliminated the problems at my
clients' sites...
Only I was left with the
loss... In vain the recovery efforts... No chance... I
recovered some data so I could complete the HTML release of
my site and that's it... Okay and that's it... You have to
adapt...
But in August 2017, a new
blow followed, ransomware, with minor losses compared to the
previous one... An obscure hacking group that was active
then and apparently disappeared shortly after (apparently
because more than half of them changed their gang). Only
the same encouragement remained: You have to adapt...
And now (early 2021) I'm
still recovering from those losses, and I haven't even
reached halfway (after 8 years of work) ...
Other things come to do,
time is shortened awfully from a certain age, etc. Yes, time
becomes the real problem.
The fact is that now comes
the clear conclusion that whatever I work / do in HTML is
something that cannot be lost, and I accept at any time the
loss of CMS elements, regardless of the backups made (what's
the point of starting to study 3 to 4 hundred backups, since
I still do them now but on the external backup, hoping that
I have found the moment of recovery).
For this reason, there
will always be an HTML variant, backup, difficult to manage
but easy to retrieve and a CMS (in a minimal expression that
will develop if hackers let me) that streamlines the web
presence.
And, at the end of the
end, some cybersecurity tips:
1. Hackers and their
efforts and/or "products" (spam, malware, ransomware, blah,
blah) act indiscriminately (i.e., they attack and cause
damage to anyone)! Up to a point...
2. The "point" I mentioned
is represented by the target of their interest: sites and /
or products related to the number of unique IPs that access
them, the possibility of penetration into a large mass of
other targets, and other elements of spread (this maximum
dissemination being their main "start" objective).
3. When their propagation
objectives are achieved, the attack follows. Many attacks
are related to data accumulation but the main objective is
money. Theft of banking data that brings money, spam that
fools with the same intention, obtaining money, ransomware
with the clear purpose of getting money and the small
objectives of the groups dealing with spyware or activism
(organizational, state, etc.).
4. According to official
statistics the vast majority of those attacked only lose
data (photos, various works, etc.) ... Oh, yes, and money...
Whether they are individuals or legal entities (firms,
institutions, etc.). But those who lose money actually lose
considerable sums... Whether there are many small attacks that
will accumulate a large amount, or large attacks
that will accumulate considerable, huge amounts of money.
And everything will turn
into funding and motivation for those who are malicious...
It will boost, encourage, support, etc.
That is why each of us
owes it to ourselves to do something to diminish these
resources! Clear! The web world is constituted by each of us
and the weakness of one can be the weakness of all...
Dorin M - December 15, 2021