JISHOU, HUNAN — Present and former IT guys like me are probably thanking the Gods of Silicon that it wasn’t one of us who got caught with our pants down at Gawker.com. Outsiders have been roaming around inside Gawker Media’s computer systems for the past month, downloading all kinds of stuff that’s supposed to be top secret.
Users’ passwords are just a start. Gawker’s computer systems have been laid out like a murder victim on an autopsy table: access to their databases, FTP access to other computer systems, the entire source code of their website, a custom-designed content management system (CMS). It’s all out there in Internet-land now.
Daniel Kennedy, who writes for Forbes.com, has a complete post-mortem of the victim. There are a lot of lessons contained in it.
Why did it happen? It seems Gawker’s officers made light of the hacking/cracking skills of coders who spend time at 4chan and similar coder hangouts. As the recent Wikileaks reprisal attacks on Amazon, Visa, Mastercard, PayPal and other big names have shown, no system is invulnerable. Calling these kinds of experts “script kiddies,” as Gawker’s leaders did, is sure to piss some of them off.
How did it happen? Details are still missing, but it seems the tech guys at Gawker were running the shop a little too casually, and the powers-that-be were a little too over-confident about the impregnability of their systems. Despite early warning signs, they carried on as if nothing serious had happened. Some users’ passwords got revealed? No big deal, said one Gawker boss. It’s just the “peasants.” (See image below.)
It was like going full steam ahead in icy waters, confident in your ship’s “un-sinkability.” We all know how that exercise in navigation turned out.
Unlike the HMS Titanic, however, Gawker is still online, sailing the Internet seas. But its staff has a ton of work to do now, to make sure the ship can still stay afloat. I’m just glad I’m not in their shoes right now.