Computerworld - Web hosting provider Interland Inc. is still struggling to fix what appears to be a widespread security problem, months after its customers first informed the company about it.
Some sites hosted by Interland have been infected with malicious code that prevents Web pages from loading properly and as a result causes some sites to become unavailable. In many instances, visitors to the infected sites have been redirected to other malicious sites, where Trojan horses have been downloaded onto their systems.
Atlanta-based Interland manages over 7,000 servers and hosts more than 250,000 Web sites for predominantly small and midsize businesses. Company officials last week refused to respond to requests for comment. But in the past, the company's director of security, Jeff Reich, has acknowledged the problem while downplaying its significance, saying it has been mostly under control .
However, several users last week suggested otherwise.
"I've lost count of the number of times my site has gone down," said Kevin Krajewski, deputy director of management information systems for the city of Rochester Hills, Mich. "We've been dealing with [Interland] since March on this issue," he said, noting that the latest incident occurred Nov. 12.
Customer Angst
So far, the problem doesn't appear to have been resolved, said Krajewski, who noted that his own investigations have revealed that one of the Web sites that victims are being redirected to appears to be hosted by Interland itself. Krajewski's own theory -- based on his investigation of the problem and conversations with Interland staff -- is that the problem may be the result of an insider attack.
"We have seen evidence of two additional breaches at Interland since the initial compromise" in August, said Joe Stewart, a senior security researcher at LURHQ Corp., a managed security services provider in Chicago.
The company, which is not a customer of Interland, discovered the breaches as part of its Internet monitoring services for clients. "We are passing all relevant details along to Interland's security department as soon as we spot these hacked sites," Stewart said.
Most complaints have failed to yield results, said the New York-based owner of a site hosted by Interland who requested anonymity. "So far, I've been down for six days and [the complaint] has been escalated 11 times," the owner said. "Clearly there are things going on at Interland that are beyond their scope to handle."
Another Web site owner, based in Arlington, Va., who also requested anonymity, last week moved his site to another provider because of the problems.
"The servers weregoing down off and on for most of last week," he said. "They said something about having to rebuild their servers." At the point when the site became unavailable for more than 24 hours, the decision was made to move, he said.
Read more about Security in Computerworld's Security Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
