Analecta Cyber Company Blog: White Marlin Open website hacked, multiple times

2015-09-03

White Marlin Open website hacked, multiple times


Tournament website hacked

The website for the  White Marlin Open fishing tournament, www.whitemarlinopen.com, has been the victim of multiple recent cyber attacks. Officials with the tournament wrote on Facebook that a disgruntled former employee may have been behind the attacks. The site has been repaired and is running again. Officials said the attack did not affect boat registrations and tournament entries.


Attacks on the rise

While impact appears to be minimal, small businesses and organizations are increasingly targeted and attacked online. These websites can then be used to serve malicious software (malware) to anyone on the Internet. Often the website's good reputation is used to send massive amounts of dangerous email hoping to ensnare unsuspecting users.

How to know if you've been hacked

The first warning signs of an attack like this could be:
  • Increased charges in website hosting
  • Significant increases in traffic - but not business transactions
  • Customer complaints about emails from your site or company
  • Dramatic increase in traffic or bandwidth use
  • Logs indicating malicious activity attempted
If you believe your website or company has been hacked into it's important to get the right help quickly. The risks to your business and your customers is significant and can't be overlooked.

Many industries also have specific compliance requirements that mandate immediate notification to affected parties when a data breach has occurred.

What you can do

Often remaining unscathed on the Internet is a matter of improving your security incrementally. In the physical world this is akin to deciding which house to trespass: the house that's unlocked or the house that has a locked deadbolt? A deadbolt is nowhere near the protection we would all hope it is - but it is significantly more than an unlocked door!

You may want to consider upgrading your website to take advantage of the latest and greatest Secure Sockets Layer/Transportation Layer Security features (SSL/TLS) - this is a common add-on that shows your website is trusted and the destination the user intended to visit (that little lock icon you see when you visit Google or other common websites). An added benefit to using SSL/TLS as a default method of accessing your website is that many tools that are used to quickly assess a website's security aren't able to easily connect to these servers.

Next level

In August, Analecta performed a live test of a hardened website configuration that was developed in late 2014 and improved in the early months of 2015. This hardened configuration withstood over 500,000 attempted attacks at the global hacker conference DEFCON. If you'd like to know more about this streamlined and hardened website configuration please reach us at info@analecta-llc.com.

Other References