By Doug Westfall, Publisher – May 2, 2019 – On 3/11/19, I was awakened quite early with the news from one of our readers that our on-line paper was basically gone. Was it Hacked or Hijacked? That was to be found out.
That reader, knowing that the paper’s servers were with GoDaddy had them calling me right away. I didn’t even remember shifting into 1st gear, but now I found myself in 4th gear moving fast. Questions were coming fast, answers not so much. At one time three different home pages could be seen at the same time by three different search engines. Go-Daddy was using one of those engines and apparently that told them that the site had been Hijacked and not Hacked. They confirmed this by checking the data files of the site and found them all intact. No sensitive information was touched or breached. On the other hand though the bad guys were able to go in and compromise the registrar responsible for the domain name setting (DNS). The attackers then made unauthorized changes to the DNS records, thereby redirecting all the traffic to anywhere they wanted. I figure though something went wrong because our site really didn’t go anywhere, not like a while back when Twitter was Hijacked and when you went to log-on that other country’s flag would appear, ours was just a huge mess with little cookie crumbs laying around.
I spent the next couple of hours on the phone with a sales rep at GoDaddy. I purchased what we needed to make our site bullet proof till the next generation of Hackers. I decided to let their techs take care of fixing everything back to it’s old self, except with all the security I’d just bought.
What was unknown until later was that thousand’s of websites using WordPress were also hit. You can pay extra to get help faster, but your work ticket just gets put in another stack of tickets where they also paid extra to expedite. Back doors would shut, side doors would then open. At one time they would send me a list and ask if I recognized these names and can we delete them. One of the cool things with WordPress base sites for people like me who don’t write code is what’s called a plugin. There’s hundreds of them and they let you customize your site the way you want. I had 27 of them, all with back doors and cubby holes where things can hide when you don’t keep them updated and watch their compatibility with your version of software.
My chore when they finally handed me back Administrative control of my site was to go through all the plugins and make sure of their integrity. As of this afternoon www.crescentcitytimes.com is safe to visit, link to and most everything else .
We all have known individuals who find great pleasure in causing grief to others. Can these same individuals sit out in front of your house and use you home network without you knowing? You bet your ass they can. You can make it pretty hard for them though. Do you use credit cards online, or automatic passwords. The grief you’ll have securing your home network will not even compare to the grief you’ll have if hacked. Twelve digit passwords are a pain but a lot harder to crack than your birthday or address or maiden name. Being a little paranoid is okay. You say, why me? I don’t have anything to hide. You do though; everyone has something they don’t want to share knowledge of. You remember the saying that to assume only makes an ass out of you and me. That was me. I thought that I had it all taken care of, but as we found out I hadn’t.
Well, those companies we all buy from could also have become lackadaisical and not have their security in place. You have to do your duty and try to be safe. Having a SSL Certificate is imperative. Look for that little Padlock off to the left of the address. If you don’t see it, don’t take a chance going there. There’s freeware that helps protect you by alerting you of dangerous websites. By the way, SSL stands for Secure Sockets Layer and, in short, it’s the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details. If you don’t understand this stuff, find someone who will patiently explain it all to you. Rust never sleeps and neither does internet technology, good and bad.
6 thoughts on “We were hijacked!”
Thanks , I’ve just been searching for info about this subject for a while and yours is the best I have came upon so far. However, what in regards to the conclusion? Are you sure about the source?|
Good witch Wanda is a twit. She has no clue what goes on in this community other than hearsay. My guess is she is a hoarding liberal whose backward agenda is to mouth off without any backup. Wanda the witch didn’t come from the north she was the wicked witch of the east whose toes curled up after the house landed on her.
There are two things wicked witch Wanda can do. Get active and hold elected officials accountable or stop reading cct as it seems to bother her. In any case eating bon bons is the best way to deal with her anxiety.
Did someone take your ruby slippers and throw a bucket of water on you? It couldn’t happen to a more appropriate website which is being operated by the true wicked witch of the west. Too bad they didn’t shut you down permanently. You and your ilk have hijacked the truth and are censoring or changing comments to suit your corrupt friends on the dark side. What would you do without your low intellect flying monkeys and scum-bag politicians?
CNN lists Del Norte and Curry Counties as “news deserts”. You have the distinction as being the leader of that pack of rabid, right-wing liars.
Of course you won’t post this comment either because you can’t handle the truth, and your readers aren’t intelligent enough to know the truth when it is presented to them. The truth doesn’t put money in the coffers of the Del Norte Tax Payers Association and its agenda of lies, greed and corruption.
Wanda the Good Witch
Anything specific, Wanda? Or are you just butthurt that your precious corruption is being called out?
WTH says ditto to all the comments back to Wanda.
Only to add she must be very proud of herself to criticize a true gentleman and brave Vietnam vet like Doug Westfall who wrote an innocuous post regarding problems with the website.
Glad you weathered the storm. So many unemployable kids in Mom’s basement with too much time on thier hands. What’s the motivation for this? Unless they are getting paid (probably not) or its revenge what’s the motivation to disable a website?