Hackers Take Second Helpings On Jamie Oliver Site

Please, sir, I want some more…

No, that was a different Oliver, wasn’t it? Even so, like young Master Twist, hackers have come back for a second pass at the buffet at JamieOliver.com. The Naked Chef’s website has now been breached twice in as many months.

Where there’s tuck, there’s money

Why would a celebrity chef’s website be the target of hackers, you might ask?

The Jamie Oliver website attracts over 10 million visitors per month, and with the right kind of malware inserted into the website, anyone using a vulnerable browser can have their login names, passwords and other personal data stolen. In this case, ‘vulnerable’ applied to Internet Explorer browsers that didn’t have up-to-date plug-ins for Java and Flash.

So, it’s the prospect of rich pickings from the high-volume traffic which attracts the hackers.

Recipe for trouble 

The malicious code sitting on the main page of JamieOliver.com could install a virus onto candidate machines and then steal login or password information by monitoring user activity. It could also block security updates and use the captive machines for other web attacks such as Distributed Denial of Service (DDoS), or spamming.

The fact that the second infection was similar to the first one suggests to experts that the latter wasn’t completely eradicated – a not uncommon situation – or that there was still a flaw in the server software or Content Management System (CMS).

I’m not a celebrity, get me out of here

Hang about if you think this doesn’t affect your company’s website.

Yes, we’ve heard about the Jamie Oliver website incident because the media consider him newsworthy and, no, we didn’t hear about a similar incident concerning Mrs Dawkin’s Pie Shop in Little Lardham…but the fact is, his is just one of the 30,000 websites identified each day as distributing malicious code to its visitors.

And those 30,000 sites are not the usual suspects when it comes to malware breeding grounds: adult-themed or gambling sites. The majority are just ordinary, legitimate small businesses, unwittingly infecting visitors to their site.

Why you may be affected

There’s no doubt that JamieOliver.com was targeted because of the high volume of traffic, but hackers - like all sharks - are happy to swim in the shallows, too.

That’s because they use automated scanning tools (‘bots’) to perform the tedious task of scouring the web looking for candidate sites to infect - it may be a school blog, or a small business website, or even one of the big players; they’re all the same to a bot. The point is, the programs aren’t picky; they just have a checklist of what constitutes an exploitable weakness - a potential entry point that will allow a hacker to install their malware.

What this means is, there’s no conscious thought behind the process – no deliberate targeting, and no deliberate avoidance; your website is just an address on the bot’s search list.

So, yours may be a only small business website, but if lots of other such websites are harnessed into a ‘botnet' then, like single-celled creatures working as one large organism, they can collectively do whatever criminal work the hacker wants done, and without him being identifiable as the source of the activity.

Food for thought

Website hackers have different motives - political, idealistic, disruptive, data harvesting – but, whichever driver it is, the result can mean reputational and financial loss. If you are wanting to expand your business using the ever-growing, ever-popular online arena, an incident like this could present a major setback.

Whilst the Jamie Oliver case has triggered calls for internet service providers to offer more automatic threat-detection and prevention, that responsibility still lies firmly with website owners. If your online presence is to be a success, website security must be top of the planning list.

If you are worried about your organization being the victim of a hacking incident, check out our free guide on How to Protect Your Company from being Hacked.