In an email to affected individuals, Linux Australia explained how the hacker gained access:
“It is the assessment of Linux Australia that the individual utilised a currently unknown vulnerability to trigger a remote buffer overflow and gain root level access to the server.
“A remote access tool was installed, and the server was rebooted to load this software into memory.
“A botnet command and control was subsequently installed and started. During the period the individual had access to the Zookeepr server, a number of Linux Australia’s automated backup processes ran, which included the dumping of conference databases to disk.”
It is not yet known how many people have been affected, but Linux Australia is encouraging members to change their passwords as soon as possible.
According to The Register, the Linux Australia team operate a three-member response system in which the investigators have no knowledge of each other’s findings in order to inspire more “rigorous analysis”.
It’s important for organisations to implement an information security management system (ISMS) which includes people, processes and technology. ISO 27001 is an internationally recognised cyber security standard that covers these three areas, whilst setting out specific requirements against which an organisation’s ISMS can be audited and certified.