- Date:2023-1-18
According to the conclusion of “2022 National colleges and Universities Information Security Meeting”, which followed the instructions issued by Department of Executive’s Cyber Security Alert project meeting on August, 2022, contingency response steps for malicious webpage replacement are advised to refer to the following principles:
- Taking down the replaced website immediately. (Notice that also make sure to keep all the evidence and traces intact.)
- Maintenance announcement webpage: deploy in 10 minutes.
- Static information website: Restore website with functions without security concern, for example: pure information announcements or media player.
- Restore functions gradually: perform weakness-scanning every time before deploying a website and confirm there are no major security weaknesses.
- Fully repair and redeploy the website.
It also requires every college and University to prepare a contingency response plan targeting website tampering. School administrative units and departments should take stock of managed websites, and prepare a Maintenance announcement page for immediate response. Once website tampering situation occurred, the tampered webpage can be replaced with prepared maintenance announcement page within 10 minutes.
Based on aforementioned principles, every unit is suggested to prepare a server for backing up websites, so that we can immediately switch to a backup server for maintenance operation of websites when it comes to an emergency situation.
If there is no extra server resource, it is possible to adopt other cloud space as a solution, for example C&INC individual homepage/official webpage or off-campus website space. Building a static webpage and uploading to cloud space in advance, notify C&INC to revise DNS records pointing to cloud space as a temporary web page. If the unit's website has already been placed in C&INC virtual space or virtual server service zone, C&INC also prepares a public webpage template for maintenance announcement. For those who needs can contact C&INC to point website to maintenance announcement web page.
- NTU Domain Name Application: https://ccnet.ntu.edu.tw/ccnet/domain.php
- NTU Homepage server: https://www.cc.ntu.edu.tw/chinese/services/serv_i01.asp
- Example of NTU website production platform: https://webpageprod.ntu.edu.tw/emergencyprocedure.htm
