HostGator: Ex-Employee Breaches Security
29-year-old Eric Gunnar Grisse of San Antonio, TX was recently arrested and charged with felony breach of computer security for installing a backdoor which gave him control to over 2,700 of HostGator's servers, as originally reported by Ars Technica.
HostGator: Ex-Employee Breaches Security: How He Did It
Gisse was employed as a medium-level administrator with the cheap hosting with dedicated IP company since September 2011. The day following his termination date, which was February 15, 2012, HostGator came across a backdoor application allowing Gisse to (breaches security) log into the servers from a remote location.
Gisse was able to obtain a HostGator digital SSH key, transferring it to his own personal computers. Then, he attempted to manipulate his malware to appear as a commonly used Unix administration tool in order to disguise the backdoor from his boss.
Houston Police Department investigator Gordon Garrett stated in an affidavit the process he used to do this was named ‘pcre' in the system, a common system file.
HostGator: Ex-Employee Breaches Security: Should You Worry?
So you have data on HostGator servers. Should you be concerned? It seems you shouldn't. Company officials say that although he is likely the hacker responsible, they found no proof indicating he ever attempted to remotely gain access to the data.
Patrick Pelanne, HostGator COO, said that they picked up on it long before he was able to even access the customer data, making future attempts impossible.
Gisse will be arraigned at some point in May, and is being held at the Harris County Jail on $20,000 bond.
HostGator: Ex-Employee Breaches Security: Other Instances Of Cheap Hosting With Dedicated IP Employee Crimes
Gisse isn't the first employee to try to pull one over on his cheap hosting with dedicated IP company. In August of 2011, a former employee of Rackspace was sentenced to two years of probation after submitting bogus service orders and fraudulently earning an additional $64,174 in commissions.
His name was David John Whitman, and he was employed as a salesperson with the cheap hosting with dedicated IP company. He worked out of this Missouri home, responsible for contacting potential customers in his region, filling out order forms when they agreed to sign on for Rackspace hosting services. He sent 14 of these order forms to the company between March 2006 and January 2007, including fake account information.
He was charged with two counts of wire fraud, and faced up to a year in prison for each count. However, after bringing a $5,000 check to court as a portion of restitution and apologizing for “violating the trust of my former employer,” US District Judge Orlando Garcia sentenced him to two years of probation and a $1,000 fine.
HostGator: Ex-Employee Breaches Security: Protect Yourself
If you are at all concerned about this, contact your cheap hosting with dedicated IP company to discuss their policies and procedures regarding employee misconduct. You want to assure they at least have a plan, as this means your data will not be compromised in any way.
Are you a cheap hosting with dedicated IP company? You'll want to plan for this scenario within your own company. Customers can trust that you have covered all of your security bases, and will pass that along to peers looking for the services you offer.