The most widely used virtualization software in the world is VMware, but other platforms do exist. One maker of such software, a firm called Parallels, is currently in an unenviable position: looking into claims that its flagship 'Plesk Panel' program lacks sufficient IT security. Plesk Panel is not itself a virtualization platform, but it rather an administrative tool that helps website managers administer Web hosting servers and perform other tasks related to the management of a website.
Parallel's problems appear to have begun in mid-July. Since that time, websites administered using Plesk Panel have ended up infected with malware. The malicious code in question makes use of domain name generations methods in order to compromise the systems. The hackers responsible for the attack seem to be using an exploit toolkit called 'Black Hole'.
In all, thousands of different websites have been affected. While some of them were built with IT solutions such as HTML, others featured technologies such as PHP and ASP.net. Nor are all the affected systems hosted on a similar set of physical web servers. Indeed, all they seem to have in common is the use of Plesk Panel for management and administration.
According to Denis Sinegubko, an independent IT security researcher, "It's a very massive attack, and it is limited to Plesk servers. So it definitely has to do with some Plesk security issues."
According to Parallels, the problems are linked to vulnerability in SQL injection in Plesk databases. The problem has since been fixed with a patch, but in unpatched systems, a hacker would be able to access the database and steal not only the Plesk administration password, but also the passwords of website customers stored in the database.
Some businesses, however, are insisting that there is more to the story than an IT security hole now patched up, since they have installed the patch and changed all passwords, yet continue to experience problems. The support forums at Parallel are continuing to be bombarded with claims from administrators responsible for web hosting servers.
The issue with Plesk Panel demonstrates a key reason why SMBs need to consider a switch to a managed security approach. Few SMBs would have the resources needed to navigate a complex IT security problem such as this. With a managed security approach, SMBs can access the resources of an entire IT company to mitigate damages and restore full security and functionality to systems. Indeed, with a managed services team behind an SMB from the start, such vulnerabilities and security holes may never arise.