Migrating a Company Website to CloudControl Saved 20% of Their Revenue, Secured Their Data, and Satisfied Their Insurers

CASE STUDY

OVERVIEW

Industry: Retail

Incident: Unauthorised Access

After a large Australian winter sports retailer’s website was compromised, Pragma stepped in to host the website on our CloudControl platform, restore retail operations, and strengthen security.

THE INCIDENT

SUMMARY

Hackers penetrated the company’s website at least twice before migrating to CloudControl.
Obsolete back-end software and operating systems led to vulnerability to SQLi attacks.
Due to SQLi breaches, customer credit card data mining is suspected.

One of Australia’s largest winter sports retailers, whom we’ll refer to as SR, was hacked by criminals twice during May and June 2019.

Their product ranges include skiing, snowboarding, camping, and outdoor sports. Their website accounts for more than 20% of their total revenue. SR discovered a cybersecurity breach on May 23rd, 2019. Due to suspected credit card mining, the company moved quickly to suspend website retail operations. SR contracted Pragma to provide incident response assistance.

The hackers struck again on June 12th. They inserted a virus into known vulnerabilities in the back-end OpenCart area of the site. Pragma was engaged again to investigate this virus and provide a more secure solution to the recurring attacks.

THE RESPONSE

SUMMARY

Because the client suffered at least two attacks, directors and insurers were nervous about ongoing security.
Use of obsolete back-end software, operating systems, and OpenCart versions led to continued vulnerability to hackers.
A key point of success arrived when Pragma identified and patched a component that was exceptionally vulnerable to SQL injection attacks.

SR operated a website with known vulnerabilities. Hackers targeted the obsolete points in the back-end software and struck multiple times. All insurers calculate payments, premiums, and coverage based on known risks. Without decisive action, the company risked becoming uninsurable. Pragma’s initial analysis revealed security vulnerabilities caused by the client’s continued use of obsolete back-end software. After the first attack, the weak points were addressed, and the website brought back into service. When the second attack occurred, it was obvious a more comprehensive solution was required.

While the website was still under attack, Pragma successfully migrated the site to the CloudControl platform. Security was immediately strengthened. Within the second month on CloudControl, 7,829 threats were blocked. 116 SQLi attempts failed because of enhanced security.

OUR RECOMMENDATIONS

SQL Updates for Security

Upgrade MySQL to the latest version to ensure continued support and security patches.

OpenCart Upgrades

Continually upgrade OpenCart to receive the latest security patches and developer support.

Latest PHP Versions

PHP developers do not support obsolete versions. Using new versions improves security and performance.

Multi-Factor Authentication

MFA is the single greatest step for improving website administrator cyber hygiene and reducing password vulnerability.

Regular Security Assessments

Run regular security assessments of the website to check for new vulnerabilities.

THE RESULT

Following the second attack, Pragma migrated the website to our secure CloudControl platform. Thousands of breach attempts were defeated during the next 30 days. Because of this successful migration, the client’s business can continue its online retail operations. Since these sales represent 20% of the company’s revenue,uninterrupted operations are a requirement. Pragma’s intervention and support enabled this client to continue doing business.