Welcome to the all new, yet old CSINext. At the end of 2015 CSINext got a very special belated Christmas Present. The virtual host got hacked...

So the question goes "What's a hack"? The are several different types of hacks out there and you probably have heard about one or two of them. There are some data mining hacks, security hacks and the big one Denial of Service (DoS) hack. Before we jump into the different types, rest assured that CSINext was in the lines of DoS with the intent to use godaddy (our host) for Spambots and no breach to the data behind the scenes took place.

• Security Hack: this is the first step in gaining unauthorized access to a website (or server). Most hacks begin here, without it they are stopped at the front gate and can only look through the fense.
• Data Mining: Once a hacker is inside the web site (or server), they begin collecting data. A couple of the recent attacks that made the news was Target Stores collecting PIN numbers from debit cards. That's one of the reasons we all received new cards and over the past 12 months Credit Card companies have updated us with new cards that have the fancy chip. Other types of Data mining is used for indentity theft, ie getting into the government servers for Social Security numbers or other personal information to pose as you.
• Denial of Service (DoS): This type of attack prevents others from accessing the web site. Typically the hackers go after the government or some big corporation as a way to vent their frustration. You may remember a few years back when Microsoft was hit, of course they have the resources and man power to undo the DoS quickly.
• SpamBot Hack: This when code is added to the site to send spam to the world and not use their servers.

So what did happen to CSINext? Well, with my double move (home and office) in December I was lying low and enjoying the holidays. Then January got really busy and I was traveling, meeting deadlines, fixing up the new house, etc... Last weekend, I finally got around to update the blog post for the March Chapter Meeting and add the Sheldon's newsletter article. When I realized I could not login to front or back of the CSINext. I could see the pages, but no editing access. This was the first step to a DoS for CSINext, the idea of modifying a bit of code was to prevent me from accessing the site via our Content Management System (CMS) and making revisions. This gives the hackers complete access to use the site as they see fit. In the case of CSINext, they weren't able to access any of the data, just the engine for displaying the website. So while they had full access to the site it was loaded with over 50,000 HTML spambot files and 100's of backdoor code to break CSINext. The broken site could then be used to send out the spam so the rest of the world would receive the latest letter from a Nigerian prince or fulfill a Viagra prescription (and reading through these there was some interesting stuff that was being sent out).

So last weekend (1/23/16) I took the site down and started working on the backend to get access to the CSINext data. This is where all of the articles, blogs, newsletters, etc. are stored. Late Sunday, I finally made it in was able to do a full backup of the data. Then I began the process of rebuilding the front end. This is the part of the site that the CSINext members and rest of the internet see. With every fix I would find 2 more broken files. I finally took the entire site down on Tuesday and did a rebuild from scratch. This did give me an opportunity to use a different template and create a new fresh look for CSINext.

So as of Thursday Morning, the site is back. Almost everything is running. The last bit of work is to fix the Blog Archives. and do a little deep testing. So welcome to the new yet old CSINext. Cheers!