Personal Blog

Electronic Pearl Harbor

I don’t have much use for most of our politicians from Virginia – with one notable exception: Congressman Randy Forbes. He seems to share my core values, and he appears to be a “real” person. I mean anyone who rides a big bike at the head of the Rolling Thunder Ride for Freedom in Washington, D.C. on Memorial Day Weekend can’t be all bad. Perhaps even more importantly Forbes appears to “get it” when it comes to the Internet based threat we face from foreign powers.

Randy Forbes
U.S. Representative Randy Forbes (R-VA) Leads Rolling Thunder Motorcycle Ride

In a recent Newsletter Congressman Forbes wrote about an Electronic Pearl Harbor describing in interesting detail how cyber security attacks against the United States are rising drastically every year. Let me tell you how close this hits to home. I am a small business owner who was impacted this summer by two such attacks.

In late June a SQL Injection Trojan compromised all my Word Press based websites – about two dozen on my servers – and almost half were my own business sites. This was not because the Word Press content management platform had evident flaws. The people who perpetrate these kind of attacks are not pale and pimple faced geeks living in their mother’s basements.

According to Congressman Forbes report the most serious and potentially the most dangerous have come out of China.

Some of the more sophisticated military analyses from China’s armed forces propose to enhance the ability to attack an adversary’s satellite communications and sensor systems, critical transportation and energy infrastructure, ports of air and sea embarkation, and military command systems. (see[no longer active]

Just this week there was news out of the UK that a members of a Russian organized crime gang had used a SQL Injection Trojan as the tool to steal over $9 million dollars from the bank accounts of unsuspecting Brits over the past year alone. I believe it is only a matter of time before we discover this kind of massive fraud here in America.

As a result of that WordPress SQL Injection Trojan we lost two weeks restoring client’s websites in July that obviously we could and would not charge them for. Then add two weeks restoring my own personal and business sites. Since we could not work on new client business at the same time as restoring my own business sites it effectively cost me a month’s income.

“But wait, there’s more! …”

Since that SQL Injection Trojan in June I discovered that an old and forgotten Forum type website I had on my server had also been compromised – this time by a different method. The end result was almost the same however, and my business and personal sites – including this one – went down again.

So the first almost two weeks in August are spent missing my company’s earning potential re-building my business and personal sites again. On one hand it has made me much more expert at launching custom Word Press sites quickly and more securely. On the other hand it has cost my business precious time. Not unlike losing sleep, the reality is that while you still move forward the next day, you really never catch up. Thanks China.

Originally Published on and recovered via the Internet Archive Wayback Machine