I've Been Hacked, Now What?

Comments

Comments are closed.

Great and practical talk to start of the day. Took more notes at this talk than all of yesterday's talks combined, very useful information given.

Great practical talk. I've added 20 bookmarks to my 'need to read' pile.

Again a nice and hands on approach how you schould keep calm when hacked, but get.rid of it as fast as you can.

What was not obviously clear here was when you're not sure, contact a professional.

Great talk. Took note of very useful tips and links.

Rated 4

Anonymous at 21:07 on 25 Jan 2015

Thanks for the talk, it was really interesting and I appreciate you raising awareness that hacking of sites happens.
And that there are things you can do about it, when it has happened and also before (the next time) it happens.

I also appreciate you taking time to interact with the audience and make us share stories about hacks. This really made the possibility of a hack more real to the everyday developer, I think.

As a pointer I would like to say, maybe, in the beginning of the talk sketch the options you have when one of you're sites has been hacked.
Including, but certainly not limited to:
- just redeploy the application and cross fingers.
- forensically check all files, the database and the OS.
- go nuclear and make a backup of the hack for forensics, wipe the server and start with a fresh OS, fresh deploys and a forensically rebuild database.
- or just hire a professional, as mentioned by Ike.
And maybe touch upon in what situation you would advise the different options + the cost associated with each one.

Also you might explain a bit about the different metrics one should take into account when choosing an option. Like:
- confidentiality of the data used on the site
- impact when the site is compromised
- maybe risk of fallout, when some infection slips through the clean-up process

And maybe gloss over the most common infections people face when getting hacked:
- google ranking hijackers (like shown)
- ad injection (maybe)
- spam bots
- rootkits/root access

The above are all suggestions, I am by no means an expert in this field. But these were things going through my mind when thinking about improvements for this talk.
I really enjoyed it as it is, though, and I appreciate you getting on stage even when you were a bit under the weather.

Your talked provided a lot of (basic) information on what to do when getting hacked. Definitely a useful resource.

If you want to further improve this talk, you may want to add a bit more structure to the presentation. For example by dividing it in clear chapters and outlining those in your first slide.