SourceForge, one of the largest sites online for hosting open source project files, community and more, was attacked recently, beginning last Wednesday:
The general course of the attack was pretty standard. There was a root privilege escalation on one of our platforms which permitted exposure of credentials that were then used to access machines with externally-facing SSH. Our network partitioning prevented escalation to other zones of our network.
They’ve documented the experience, along with the steps they took to resolve the issue and to prevent it from happening again. It’s well worth a read for those who may have to deal with things like this in the future (or for those who have had to deal with it in the past).
BenJPickett says
This was handled very, very well by the guys at SF. Shows their dedication to the community and gives a lot of insights as to how they work. It does leave me wondering how well Churches handle such touchy subjects? I know that at my Church we keep a large wealth of information on our members (phone numbers, addresses, names, some birthdays and other things) and I can imagine this is pretty standard now for most churches. Seeing as churches have a very high volunteer ratio and a steadily changing budget based off of donations they probably can’t justify the cost to keep personnel on payroll to handle fending off an active attack, or maybe even finding the right people to get a real evaluation of damage that was done.
Has anyone faced this within their church? I can imagine most small churches have anything to worry about but some of the churches that are large and not at mega church status I can see having problems with this. They still get a lot of visibility but budgets are a little bit smaller and the thought of this type of threat not being as present as it would be for Saddleback or Mars Hill can make them a lot more vulnerable.
And what about CMS systems such as F1, how well prepared are they for this? After all, an un-hackable system does not exist.