The Space Show website has been hacked:
Happy Leap Year To All. I hope this will be the last update I need to provide on the hack attack to our website. Here is the update:
First, the program scheduled with Courtney Stadd for tomorrow has been cancelled. He rescheduled for Friday, April 5th. Thank you Courtney for you understanding and patience.
Starting Sunday, we will resume live broadcasting and normal operations. The program with Marshall Martin we hope will go off as a normal program. Newsletters should function normally for this coming weekend.
Our site is currently up and working. Both Spencer and I are engaged in exhaustive testing to fix any glitches and to make sure the site’s functionality is OK. The company that cleaned and fixed the damage has cautioned us to expect some glitches, broken links, items that don’t work, etc. We will need to fix them as we discover them as they do not know how our site works or all the functions it has plus most of our site was custom coded by Spencer back in 2015 when we built it. For those of you that want to use the site, check it out, hear a show, and test it as it would be a big help if you tried as many things as you could reporting back to me via email anything that does not work right so Spencer and I can find it and repair it. Your help in finding and letting us know about problems will be more than helpful.
I would like to shout out to the four people who made special contributions to TSS via PayPal to help us with the recovery costs. I’m not saying their names as I don’t know if they want their donations made public but your support was really appreciated. If you can help us out, we hope you will do and we do need your support.
I also want to call out by name a few people who went way beyond and over in their support and hanging in there with us. Bob Zimmerman, Courtney Stadd, John Jossy, Marshall Martin plus a few that I am sure I’m forgetting but only by name, not for your lack of support or encouragement.
Undertaking the repairs without knowing the details of the damage, the final costs, or the time to recovery was at times challenging Hearing from these people with encouragment and even people who could assist as was the case with Bob was exceptional. I want them to know how much it meant to me and really to all of you though you were not on the front lines with the challenges but believe me, were it not for their being their for everyone with TSS, we would not be up and operating today.
I expect we will be making some level of repairs for awhile as we discover items needing to be fixed but honestly, I expect clear sailing in our Sunday program and in archiving it. If it turns out differently, I will let you know and the suggested time for repairs and/or delays.
Thank you again for your patience and hanging in there. Give the website your once over and let us know if you find problems. Your help will be a big part of the full recovery service from the hack.
As for the hack, I was told it had an Eastern European origin but that could have been spoofed so actually no clue where it came from. It seems there was a vulnerability which we are patching in gaining access to the AMP panel which provided access to most of the website. That vulnerability has been closed. There are other software and program weaknesses due to older programs and protocols. We are looking into finding ways to update older stuff without interrupting the work of the website and that is affordable. One of the biggest challenges is to update an out of date PHP program that does not seem able to migrate to a newer PHP platform and the older one we have does not get updates anymore. If anyone knows how to do that type of evolutionary change with ease with PHP, contact me at firstname.lastname@example.org. We have plans and offers to move our VPS to a new one with better cyber protection but the older PHP program won’t work so this is a priority. The cleaning services is now scanning our server and all files multiple times a day for breaches so they can shut them down and this won’t happen again or if it does, it won’t be as significant. That is a good protection for a small biz website.
If anyone can help out, let me know and I’ll pass it on.