Our bamboo was hacked today, and this is something you want to avoid at all costs. Ensuring that your Atlassian stack is up-to-date at all times is essential to avoid unpleasant surprises. Always upgrade your Atlassian stack.
We have a saying here in Belgium – ‘Bakers always eat old bread’ … because all the new bread is sold to customers. The same applies to us – we didn’t upgrade our own Atlassian stack in time as we are busy helping our clients.
The consequence? Our bamboo was vulnerable to a remote code execution attack – a Struts2 Exploit. (More information here)
Luckily, this hack was performed by an ‘ethical hacker’ who was so nice to tell about his (or her) activity and prove it with a couple of screenshots of internal directories.
One can imagine that much worse could have been done, and still, it is not a pleasant surprise.
We immediately stopped our bamboo, scanned the machine for any additional hacks, and upgraded bamboo to the latest version.
It took less than an hour to go through these steps. Together with a more secure system, we do have now the latest version of Bamboo running.
We learned the following lessons:
- It can happen to anyone – including your own organization
- Monitor the security advisories sent out by Atlassian
Check details Security Advisory Publishing. You can adapt your email settings such that you get notified whenever a security advisory is sent.
- Upgrade your environment from the moment such security advisory is sent out.
There are many ways to ensure your environment is easy to upgrade. We are using docker for this purpose.
Thanks to the ethical hacker to draw our attention to this vulnerability. Being hacked can be a harrowing experience, but it can also serve as a valuable lesson for improving your online security. By sharing our experience and the steps we took to prevent future attacks, we hope to help you better protect yourself and your businesses from potential cyber threats. Remember, staying vigilant and taking proactive measures can go a long way in safeguarding your valuable data and assets. Don’t wait until it’s too late! Start securing today!
If you need support ensuring that your Atlassian stack is up-to-date at all times, get in touch. We’d be happy to help.