WHID 2009-45: Outcome: Death
This must be the worse incident reported by the Web Hacking Incident Database.
We all know that web security is highly important but neglected. We tell frightening stories but listners think they are only "FUD": fear, uncertainty and doubt, used to sell products and services. I hope that the VAServ incident will serve to warn that those are not fairytale stories. Even so, I wish this one would not have happened.
In this story, like most calamities, it seems that the laymen suffer: small entrepreneurs & upstart companies who lost everything in a hacking incident. One of them even lost his life.
| Vaserv web site reporting recovery status, June 10th: 22:19 vz47uk restored 22:21 vz46uk data loss 22:42 Please allow upto 2 hours for a ticket response as currently we have 200+ active tickets 23:02 vz67uk data loss 23:20 vz50uk data restored 23:23 vz51uk data loss 00:03 FsckVPS server26 and server27 are still being worked on, but data *appears* to be intact |
It all started on Sunday, June 7th: someone broke into the web servers of VAServ, a tiny UK based hosting company. The hackers ruined many of VAServ virtual servers. Some of them lost were for ever as the snippet from VAServ home page, serving as an emergency bulletin board, shows.
As tiny as VAServ is, probably no more than 3 people, in today's virtual and flat world they could serve tens of thousands of low cost web sites, many of them now lost for ever. Behind each one of these web sites there is a story of someone who worked hard, whether on a hobby or a small business and is now left with nothing. A comment made on one of the blog entries about the incident reads:
"yeah thanks for ruining my life for the last 2 years i had built up my site spending alot of money and giving up my job for nothing.........what am i going to tell the wife?"
Just think about tens of thousand of such stories. Daniel Voyce, a web developer using VAServ for all of his clients, told the Register:
"Since last night, I've had probably 40 phone calls from clients saying 'Why is my website down, It's making me look bad."
But this domino effect ruining so many small businesses had another even more devastating angle. Just days before the hack, someone posted on milw0rm a long list of yet unpatched vulnerabilities in Kloxo, a virtual machine management software. The list certainly looks comprehensive enough to enable anyone to penetrate a site using Kloxo, which VAServ where, leading VAServ and others to believe that LxLabs, the Bangalorian software company behind Kloxo is the culprit. Somebody claiming to be the hacker commented to the inquistir blog, claiming that weak password at VAServ where to blame for the hack, which Rus Foster from VAServ denied.
We may never know who is right and who is wrong. LxLabs, just like Vaserv, is a tiny company using the Internet to look big. However one area that suffers a lot in small companies, is their security. It is never important enough to invest resource in security in such a lean and mean operations.
But tiny giants have another weakness: it all falls on the shoulders of too few people. In the case of LxLabs, on KT Ligesh the CEO. Ligesh committed suicide just a day after the hack for which his company was blamed. While already a troubled person, one cannot escape the thought that the hacking incident was the last straw.
