Techsoup.org, one of the best non-profit resources online, has
suffered an SQL Injection attack. The site was taken down promptly when
suspicious activity was identified, but Techsoup account holders and
anyone who has visited the site in the past few days are urged to take
security precautions immediately.
These types of attacks are known to exploit website
vulnerabilities with the intent of distributing viruses and malware.
We do not yet know all the details of this attack at this time. We do
not have any specific evidence that malware or viruses were actually
distributed; however, it is possible that people who visited our
websites between 8:00PM PDT, Tuesday August 5, 2008 and 7:45AM PDT,
Wednesday August 6, 2008 could have been exposed to viruses or
malware. The impacted sites are: - www.techsoup.org
- www.techsoup.org/stock
- www.techsoup.org/mar
- www.compumentor.org
We are advising anyone who visited any of the listed websites, during the hours noted above, to:
- Make sure your anti-virus software definitions are up-to-date.
- Run a scan of your hard drive to ensure no viruses or malware show up and follow the instructions to quarantine them.
- Review the information at http://www.us-cert.gov/cas/tips/ about managing viruses.
- Please continue to check this webpage (which is safe!) for further updates.
There's no specific reason to believe that the personal data of any
site user has been compromised, Techsoup notes, but takes the
opportunity to remind its site users to follow recommended “best practices” for safe computing. We hope that Techsoup, a vital resource for the non-profit sector, is able to resolve this issue quickly.
It's as well to note that Techsoup is far from being alone in suffering a security breach of this nature. A security attack on Convio's
GetActive software systems last year resulted in personal data being
accessed by an unauthorized third-party, and Microsoft justrecently issued a security advisory to warn of an increase in SQL Injection attacks.
This most recent attack is just another reminder that security is a critical issue
-- and it's only going to become more important, as time goes on, as
web users demand more and more interactivity from their online
experience.
You could call this the "down side" of Web 2.0.
Many websites are happily installing various modules on their
servers – discussion boards, listservs etc. -- and you need to remember
that each one of these can be a potential doorway into your server.Check that there are no open security issues reported,
change the passwords on your online accounts at least once a month, and
keep your operating system and other software updated with the latest
security patches.
"Balancing security and functionality is very tough," Wild Apricot's
Dmitry Buterin confirms. "Many times we had to not release certain
features that are very common at many other sites-- but we had to postpone it to ensure the security of our overall system."