Widely used software from Drupal and Jupiter Networks – two companies known for helping businesses create web pages and improve connectivity – were hacked in the past month, causing potentially serious damage to their client companies and, just as important, demonstrating that you can never let down your guard.
Drupal offers content management software. Many business sites, particularly those that use sophisticated interactive content, such as e-commerce, are powered by Drupal. The software was infected with a virus that hackers can use to take over a Drupal-powered website.
Drupal issued a patch to prevent infection, but users must install the solution themselves, which probably means many of the million Drupal sites are still infected.
Juniper Networks is famous for creating faster routers and taking on Cisco. Juniper now offers a suite of networking software and hardware for businesses.
Last month, Juniper issued patches to fix several problems on its operating system. The most serious could allow hackers to take over devices and sites at companies using Juniper software.
Assessing the danger
These security breakdowns are of course only the latest in a series of worrisome hacks of important software providers. And they illustrate that criminals are always working to find new ways to access your company’s information – and possibly cripple your operation.
Drupal and Juniper won’t be the last examples, either. Here are some actions you can implement to protect your company and your own clients from attacks.
Software that runs your website and other operations should require users to identify themselves with a sign-on and password at various levels of authority.
You are responsible for educating employees about how to create a hard-to-crack password and to recognize phishing attacks from outsiders.