Saturdays are my one semi-day-off. I work six days a week on NOQ Report, often bell-to-bell on heavy news days. But last Saturday was different. Around 5:00 am, this site was hit with a massive, complex attack from IP addresses allegedly centered in Riyadh, Saudi Arabia. And it wasn’t just a DDoS attack, of which we’ve had several over the past year. This wasn’t an attempt to take down the site. It was intended to destroy us completely.
And it worked.
Within a couple of hours from the initial attack, we started losing functionality in the site. Images, while present on the server, wouldn’t attach to the stories. I was on with level 1 tech support at our host when it became clear we needed level 2. And then level 3. By the time they initiated a comprehensive malware scan that would take several hours, nearly everything we tried to do on the site was not working. Thankfully, there was no malware, but infusing the site with phishing software of dirty pictures wasn’t their goal. These weren’t pranksters. As my second level 3 tech support lady told me, this was like nothing she’d ever seen before.
What made it truly concerning is they were using exploits in files that hadn’t been updated for weeks, and that’s just among the ones we found. This made restoring backups problematic; how far back did we need to go to make certain they couldn’t just repeat the process next week, next month, or around November, 2020?
As one who thoroughly enjoyed Aliens and has watched it several times, I invoked Ripley. I took a deep breath and told my downtrodden tech support warriors, “I say we take off and nuke the entire site from orbit. It’s the only way to be sure.”
We nuked the site. Everything. Only the text from the articles was preserved as we installed only the verified safest software and began the long, tedious journey of rebuilding it all from scratch.
As for the source being “Riyadh,” I’m not buying it. Sure, it’s possible, but based on the sophistication of this attack, it seems unlikely they would undertake it without masking their IPs, bouncing them off proxies in one enemy to attack another. Who has a beef with both Saudi Arabia and pro-Trump conservative Christians in America? Who has been caught red-handed trying to spoof, hack, and otherwise disrupt vulnerable news sites like The Guardian and now us? Who have we been heavily criticizing since the day we launched (other than Democrats)? Who wasn’t happy when we posted an article blaming Iran for taking down the Ukrainian 737-800 over 24-hours before it was announced? The answer to all of these questions is Iran.
The Lord works in wonderful ways that we often never expect. We’ve been playing around with a redesign for weeks. It was supposed to be our shift into 2020-election-mode as we tightened our focus and increased our volume to match with dramatic surges in traffic the last three months. Whoever hacked us, they did us at least a bit of a favor unwittingly. The forced a play that may or may not have happened. Now, we’re in redesign mode.
Rebuilding a site from scratch is much harder than just changing the look and feel. We’re literally going story-by-story, reformatting all 7000+ of them manually. It’s going to take a while, but it’s a necessary cleansing as we steam along towards the election. As long as we stay focused, we’ll be able to put forward a strong site that will help conservatives win in November.
They can keep coming after us, but the mission is too important to abandon. We will continue to fight against the left and anyone else who wants to prevent patriotic Americans from leading this nation into the future. Praise God for His mysterious ways!