Well, Your CMS Just Got Hacked!
Transcript of Well, Your CMS Just Got Hacked!
![Page 1: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/1.jpg)
Well, Your CMS Just Got Hacked!
Bryan Soltis
Kentico Technical Evangelist
![Page 2: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/2.jpg)
![Page 3: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/3.jpg)
Take a deep breath…
![Page 4: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/4.jpg)
How did this happen?
![Page 5: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/5.jpg)
Environment• Unsecure network
• Firewalls
• Intrusion Detection
• VPN
• Physical access
• Data Center security
• Restricted area violation
• Internal / External threat
How did this happen?
![Page 6: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/6.jpg)
CMS• Has the CMS been updated / upgraded recently?
• Are there any known security vulnerabilities?
• Has the CMS been implemented according to best practices?
• Has a security audit been performed?
• Are there notification systems in place?
• Do you have access to the source code?
How did this happen?
![Page 7: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/7.jpg)
Code• Are you following security best-practices?
• Are you doing code reviews?
• Is you whole team familiar with the code?
• Are your developers up to date on the latest threats?
• Is the code encrypted and signed?
How did this happen?
![Page 8: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/8.jpg)
Data• Are you storing sensitive data?
• Are you encrypting data?
• Are you adhering to international guidelines / laws?
• Is your database accessible?
• Are you monitoring / controlling connections?
How did this happen?
![Page 9: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/9.jpg)
What to do now?
![Page 10: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/10.jpg)
Lock Down the System• Change logins / password
• Restrict access by IP / location
• Limit physical access
• Access data center / environment logs
• Access audit logging
What to do now?
![Page 11: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/11.jpg)
Assess the Damage• Is the system stable?
• Is there any threat to other areas of your business?
• How much data was accessed / lost?
• Do you need to restore from backups?
• How much data was at risk?
What to do now?
![Page 12: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/12.jpg)
Go Exploring• Investigate CMS Platform logs
• Investigate IIS logs
• Investigate Application / System Event logs
• Interview anyone with access
What to do now?
![Page 13: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/13.jpg)
Communicate• Inform at-risk users
• Minimize damage to personal information
• Define & communicate an action plan
• Understand and follow the appropriate laws
• Understanding government & geographical boundaries
What to do now?
![Page 14: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/14.jpg)
Consider Alternatives• Consider separate, isolated networks
• Eliminate/ Minimize sensitive data
• Tighten security / limit access
• Consider cloud hosting
• Consider “honeypot” environment
What to do now?
![Page 15: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/15.jpg)
Prevention
![Page 16: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/16.jpg)
Educate• Train your people
• IT / Development / Business
• Frequent / Ongoing
• Conferences / Workshops / Training
• Lock down your network
• Establish security policies
• Assign responsible parties
• Review / Re-evaluate often
• Budgeting for Security
• Add into to every project / budget
• Designate resources
Prevention
![Page 17: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/17.jpg)
Update the CMS Platform• Review product documentation / best practices
• Determine if others have reported the issue
• Check for any updates to your version of the platform
• Subscribe to Security Newsletters
• Contact support and discuss alternatives / next steps
Prevention
![Page 18: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/18.jpg)
Better Implementation• Write secure code
• Follow best practices
• General standards
• Platform-specific
• Code Reviews
• With every major build / deployment
• Store data properly
• Avoid storing sensitive information, if possible
• Encrypt sensitive data
• Review latest threats / standards
Prevention
![Page 19: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/19.jpg)
Test!• Security testing
• Identify all access points
• Identify / harden “soft” areas of the application
• Isolate sensitive areas and data
• Security Reviews
• Use security experts to analyze the environment and implementation
• Work with CMS vendor to ensure security
• Consulting
• Best practices
• Security newsletters
• Think like a hacker!
Prevention
![Page 20: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/20.jpg)
Review• Stabilize the system
• Identify the cause
• Fix the vulnerability
• Test your systems
• Prevent future attacks
![Page 21: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/21.jpg)
![Page 22: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/22.jpg)
![Page 23: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/23.jpg)
Questions?
![Page 24: Well, Your CMS Just Got Hacked!](https://reader031.fdocuments.us/reader031/viewer/2022012510/6188001bd28fed34297ddfa6/html5/thumbnails/24.jpg)
Bryan SoltisE-mail: [email protected]
Skype: kentico_bryans
Twitter: bryan_soltis
devnet.kentico.com
facebook.com/KenticoCMS
twitter.com/kentico
linkedin.com/company/kentico-software