Grandon.com Got Hacked!

Author:

Mohammed Taufeeq1,Shrivastava Utkarsh1,K Das Ashish2,Thi Nguyen Quynh3

Affiliation:

1. University of South Florida

2. RMIT Vietnam

3. RMIT University Vietnam

Abstract

A professor in information systems discovers that his personal website has been hacked. Even worse, his ISP has suspended his site because the defacement included a PayPal phishing scheme. This is not the first time this has happened. How should he recover? Dr. T. Grandon Gill, a Professor in the Information Systems and Decision Sciences Department at the University of South Florida, was traveling with his family in England when he received a strange phone message. Not being able to respond, he ignored it until—a couple of days later—he was notified that access to his personal website had been suspended (see Exhibit 1). Grandon.com had, once again, been hacked–for the 7th time. Getting his website hacked was not a new experience for Grandon Gill. In the past, however, getting the site back up and running had been a quick fix involving replacing the corrupted files. This time it was different. Based on the email and his service provider’s response, his site now contained links to PayPal phishing sites. Without significant changes, he could become complicit in fraud if the situation was not remedied. This was a problem that could no longer be ignored. After Gill had re-read the email, he pondered the various options available to him. Given the amount of trouble it was causing him, he wondered if he needed the website at all. To maintain the domain name grandon.com, which he had held for more than 20 years, all he needed to do was to put up a simple landing page with a message: “Hi, I am Grandon—go to my school account to find out more.” At the other extreme, he could completely re-engineer the site to make it much less vulnerable—a process that could take days, if not weeks. Between the two extremes, there were many other possibilities. These included changing hosts, simplifying the site so that it contained only the most critical information, dropping its WordPress component, or even going to a pure WordPress model. He had a suspicion, based on previous experience, that vulnerabilities in WordPress may have been the source of the hack. But were these vulnerabilities intrinsic to the application, or were they simply the result of his inattentive management? Whatever he decided, he needed to take action soon. It was very embarrassing, and perhaps professionally damaging, to have his site showing an unavailable message. He thought back to a popular ironic quote that said: “Good decisions come from experience, and experience comes from bad decisions.” What should he do now?

Publisher

Informing Science Institute

Subject

Sociology and Political Science,Education,Computer Science (miscellaneous)

Cited by 1 articles. 订阅此论文施引文献 订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献

1. Security Vulnerability Analysis of the Sharia Crowdfunding Website Using OWASP-ZAP;2022 10th International Conference on Cyber and IT Service Management (CITSM);2022-09-20

同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线,采集、加工和组织学术论文而形成的新型学术文献查询和分析系统,可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容,当前同舟云学术共收录了国内外主流学术期刊6万余种,收集的期刊论文及会议论文总量共计约1.5亿篇,并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询!咨询电话:010-8811{复制后删除}0370

www.globalauthorid.com

TOP

Copyright © 2019-2024 北京同舟云网络信息技术有限公司
京公网安备11010802033243号  京ICP备18003416号-3