Diary of a Hack: Day Twelve

One of the unsung heroes in this cyber-attack is Wayne Eaker of Samutech, LLC. 

Wayne is my web guru. The person who broke the hacker's hold on my company web site. The person who tracked the location of their server to Russia. And the person who walked me through the process of filing a formal complaint with Google. (Although, as far as I know, the illegal e-mail account is still up and running.) 

 Wayne is also the person I've been peppering with questions for the past 12 days.

Having spent nearly a year of his life in Nepal studying and meditating with Buddhist priests, Wayne is a patient man. Which must come in handy when dealing with tech-challenged clients like me. 

A couple of days ago, I wanted to know if there was anything I should do to the current Fitzgerald Communications web site to protect it from future attacks. Install a new-fangled firewall? Insert some crafty kind of code?

Wayne answered this way:

"This person didn't actually do anything to your site. He just registered and set up his own site to look like yours. So I don't believe there are any technological countermeasures to the specific sort of attack this guy used. I know it's frightening to hear, but I'm not sure there's anything you can do to stop it from happening again."

I tried a different tact.

Maybe, I suggested, there's a way to stop people from linking automatically to my site, the way these folks linked to my home page.

Or maybe not. As Wayne explained:

"Well, we have the frame-busting javascript code on your site now, but really, I doubt even that would prevent someone from doing this sort of thing. It was actually sort of a lazy way for that guy to have done things, to just build a frame around your site like he did. It would have been nearly as easy to make a copy of the whole site and repost it on his webserver. It would have been to his advantage to do this as well, since then you wouldn't have been able to post the warning message on HIS version of the site.

"I suspect that others trying to do this same thing would probably copy the site. It's an easy enough thing to write a program for. In fact, your browser basically does this every time you go to a website. It downloads all the files to a local copy on your computer, and then displays it."

But there had to be a way around this. What about doing something desperate and dramatic? Like taking down both sites. Going dark.

Once again, Wayne had an answer. But not one I wanted to hear.

"Taking down the websites doesn't break your email, and you can't control the email for <http://fitzgeraldcommunications.net>, the hacker's site.  I'm not sure why you want to take down both your sites though. It seems to me that it's better to leave http://fitzgeraldcommunications.com up, with a notice stating that a scam is being perpetrated.

"If you want to have a website that only says that, and doesn't have your normal stuff, that might make sense, as it draws more attention to the issue. Though I'm not sure why you need to do that to http://mantraformurder.com.

"If you're worried that the scammer might use info off the sites in his scam, taking down the sites won't stop that. Most of the pages are cached by Google, anyhow. They will still be available there."

But that's utterly illogical, I spluttered. You're saying that people can continue to access a web site, even after that site is taken down?

"That's right," Wayne said calmly, then explained in his methodical, Zen-like way: "Google caches pages for their own indexing use. About five or six years ago, they started making that cache available. This is so if the site goes down, information can still be accessed.

"So, for example, if you search for 'fitzgerald communications ann arbor,' and look at your listing, there is a link there for the cached version, that goes to this: <>>.

And with that, Wayne had the last word.




For more information about Mantra for Murder
Phone: 734/761-8440 • Email: lindafitz@mantraformurder.com