Overview of the Situation:
On 9/8/2020, there were multiple attacks perpetrated on tdicinsurance.com, taking the site down at least twice in a 24-hour period.
IT partnered with 10 Lb to investigate the root cause, and logs point to outdated/unsupported DNN module vulnerabilities as the entry point.
It appears the site was hacked but there was no data dump. The top concern is malware and user vulnerabilities.
Assessment from 10 Lb:
TDIC is on a version of DNN that is right in the middle of many security vulnerabilities; 10 Lb said “right in the middle of the worst.” The top priority is upgrading the site to the most recent version of DNN.
The PackFlash module is a known security risk. 10 Lb recently helped another organization in a similar situation migrate content from PackFlash into a stable and secure module that works on current versions of DNN, and that is the other main priority. For reference: http://www.packflash.com/. PackFlash is currently used for TDIC’s menu, several list modules, and publications like Liability Lifeline and RM Matters.
Solution/Approach:
Set up a clean instance of TDIC from an older backup, with no content
Remove any problematic modules; upgrade those that can be upgraded
Export PackFlash content into Easy DNN News or other secure module
Upgrade DNN
When the site is upgraded/stable, import the content and assets
Next Steps:
Today (9/9):
Mark is contacting Geoff to get the oldest backup possible of the site and will create a new instance on his local machine
Chris will identify and create a list of all modules used on the TDIC site. In particular, Chris will identify where the PackFlash modules are used (TDIC uses multiple types of PackFlash modules). Because 10 Lb recently worked through this issue with another client, they already have scripts written to facilitate this process.
This week and weekend:
Mark and Chris will work through the audit of the modules to recommend which ones should be phased out or upgraded, which will give them a good idea of how long it will ultimately take to upgrade the site. Due to the severity of the situation, they will prioritize this work and will work through the weekend so they can get us an estimate and timeline of next steps by Monday (or early next week, depending on the audit). They will keep us updated about their findings.