Incident: Jamie Oliver Website Hacked with Malware, Impacting Visitors' Computers

Published Date: 2015-02-18

Postmortem Analysis
Timeline
1. The software failure incident involving Jamie Oliver's website happened in February 2015.
   - The incident was reported in articles published on February 18, 2015, and February 19, 2015.

System
1. JamieOliver.com website
2. Compromised plugin used by JamieOliver.com
3. JavaScript hosted on jamieoliver.com
4. Flash, Microsoft’s Silverlight, and Java plugins
5. Malware injection in the site itself

Responsible Organization
1. Hackers compromised Jamie Oliver's website, leading to the software failure incident [33673, 33686].

Impacted Organization
1. Fans of Jamie Oliver [33673, 33686]
2. Visitors to JamieOliver.com [33673, 33686]

Software Causes
1. The software cause of the failure incident was a hack that compromised Jamie Oliver's website, leading to potential malware attacks on visitors' computers [33673, 33686].
2. The hackers exploited vulnerabilities in the website, such as compromised plugins or stolen login details, to serve malicious files to visitors and take control of their computers [33686].
3. The attackers embedded another website into Jamie Oliver's site, exploiting bugs in Flash, Microsoft's Silverlight, and Java to install malware on users' computers [33686].
4. The compromised JavaScript hosted on jamieoliver.com was a key entry point for the attack, indicating a well-hidden malicious injection within the site itself [33686].

Non-software Causes
1. The official site of TV chef Jamie Oliver, JamieOliver.com, was compromised by hackers [33686].
2. Hackers served malicious files to visitors which could take control of their computers [33686].
3. The attack was facilitated either through a compromised plugin used by Oliver’s site or through stolen login details for the site [33686].
4. Visitors were shown another website embedded directly into the site, which attacked their computers through bugs in Flash, Microsoft’s Silverlight, and Java [33686].

Impacts
1. Potential exposure to malware attacks for fans of Jamie Oliver visiting his website, which could have led to their computers being compromised [33673, 33686].
2. Risk of hackers taking control of users' computers if they downloaded the malware from the compromised website [33673].
3. Installation of malicious software on users' computers, potentially leading to further attacks, data theft, and spamming [33686].
4. Uncertainty regarding the number of users who may have fallen victim to the attacks [33686].
5. Concerns about the compromised website being used as part of a botnet for launching additional attacks [33686].

Preventions
1. Regular security audits and vulnerability assessments could have helped prevent the software failure incident by identifying and addressing any potential weaknesses in the website's code and plugins [33673, 33686].
2. Implementing strong access controls and monitoring for any unauthorized access to the website could have prevented hackers from compromising the site through stolen login details [33686].
3. Ensuring that all software components, such as Flash, Microsoft's Silverlight, and Java, are kept up to date with the latest security patches could have mitigated the risk of attackers exploiting known vulnerabilities in these technologies [33686].
4. Educating users about the risks of clicking on suspicious links or downloading unknown files could have helped prevent users from inadvertently exposing themselves to malware attacks [33673].

Fixes
1. Regular security checks and vulnerability assessments by both in-house teams and independent third parties can help prevent such incidents in the future [33673, 33686].
2. Implementing robust security measures such as monitoring for compromised plugins, securing login details, and ensuring the integrity of scripts hosted on the website can mitigate the risk of similar attacks [33686].
3. Educating users on safe browsing practices and raising awareness about the dangers of clicking on suspicious links or content can help prevent malware infections [33673].
4. Promptly addressing and removing any identified malware or malicious injections from the website is crucial to ensure the safety of users [33673, 33686].
5. Enhancing cybersecurity measures to detect and prevent unauthorized access, malware installations, and potential botnet activities can safeguard against future attacks [33686].

References
1. Security experts at Malwarebytes [33673, 33686]
2. David Emm, principal security researcher at Kaspersky Lab [33673]
3. Jérôme Segura, senior security researcher [33686]
4. Carl Leonard, principal security researcher at Websense [33686]
5. Spokesperson for the Jamie Oliver group [33686]

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization (a) The software failure incident of Jamie Oliver's website being hacked has happened again at the same organization. The incident was described as a low-level malware problem that was quickly dealt with, and the site is now safe to use. The team at jamieoliver.com mentioned that they regularly check the website for vulnerabilities and quickly address any issues found. Additionally, the spokesperson for Jamie Oliver group apologized to anyone who was worried after visiting the site [33673, 33686]. (b) There is no information in the provided articles about the software failure incident happening again at other organizations or with their products and services.
Phase (Design/Operation) design, operation (a) The software failure incident related to the design phase can be seen in the articles. The incident occurred due to hackers compromising Jamie Oliver's website by embedding malicious files that could take control of visitors' computers. The attack was facilitated by bugs in Flash, Microsoft's Silverlight, and Java, indicating vulnerabilities in the design and development of the website [33673, 33686]. (b) The software failure incident related to the operation phase is evident in the articles as well. Users were exposed to potential malware attacks when visiting Jamie Oliver's website, highlighting the impact of the operation or misuse of the system on the security of users' computers. The attackers could install malware on users' computers, leading to further malicious activities, showcasing the consequences of operational vulnerabilities [33673, 33686].
Boundary (Internal/External) within_system, outside_system (a) within_system: The software failure incident involving Jamie Oliver's website being hacked was due to contributing factors that originated from within the system. The incident was caused by a compromised JavaScript hosted on jamieoliver.com, which was either a legitimate script injected with additional content or a rogue script altogether [33686]. Additionally, the malware injection was described as a well-hidden malicious injection in the site itself, indicating that the issue stemmed from vulnerabilities within the website's system [33673]. (b) outside_system: The software failure incident was also influenced by contributing factors that originated from outside the system. Hackers compromised the website by embedding another website directly into it, which then attacked users' computers through vulnerabilities in Flash, Microsoft's Silverlight, and Java [33686]. This external attack led to the installation of malware on users' computers, demonstrating how external factors played a role in the incident.
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident occurred due to non-human actions, specifically a hack on Jamie Oliver's website. The website was compromised by hackers who injected malicious files and links, exposing visitors to potential malware attacks [33673, 33686]. (b) The software failure incident was also influenced by human actions. The hackers gained access to the website either through a compromised plugin or stolen login details. Additionally, the site operators had to take action to clean the site and address the malware issue, indicating human intervention in response to the incident [33686].
Dimension (Hardware/Software) software (a) The software failure incident reported in the articles was primarily due to a software issue rather than hardware. The incident involved hackers compromising Jamie Oliver's website by injecting malicious files and scripts, which could take control of visitors' computers [33673, 33686]. The attack exploited vulnerabilities in software components like Flash, Microsoft's Silverlight, and Java, indicating that the root cause of the failure was related to software vulnerabilities rather than hardware issues. The compromised JavaScript on the website was a key factor in the incident, highlighting a software-based attack vector.
Objective (Malicious/Non-malicious) malicious (a) The software failure incident in this case is malicious. Hackers compromised Jamie Oliver's website by injecting malicious files that could take control of visitors' computers. The attack involved serving malicious files through compromised plugins or stolen login details, leading to the installation of malware on users' computers. The attackers could use the compromised computers for further malicious activities like launching attacks, stealing data, and sending spam [33673, 33686].
Intent (Poor/Accidental Decisions) unknown (a) The intent of the software failure incident: - The software failure incident involving Jamie Oliver's website being hacked was not due to accidental decisions but rather poor decisions made by hackers who compromised the site with malicious files [33673, 33686]. - Hackers intentionally injected malware into the website, aiming to take control of users' computers and potentially launch further attacks [33673, 33686]. - The attack was described as a well-hidden malicious injection in the site itself, indicating a deliberate and calculated action by the hackers [33673]. - The attackers exploited vulnerabilities in plugins like Flash, Microsoft's Silverlight, and Java to carry out their malicious activities, demonstrating a premeditated intent to compromise the website [33686].
Capability (Incompetence/Accidental) accidental (a) The software failure incident reported in the news articles was not attributed to development incompetence. The incident was caused by hackers compromising Jamie Oliver's website, injecting malicious files, and potentially exposing visitors to malware attacks [33673, 33686]. (b) The software failure incident was accidental in nature as it was a result of hackers gaining unauthorized access to the website and embedding malicious content, rather than being a result of incompetence in the development process [33673, 33686].
Duration temporary (a) The software failure incident in the articles was temporary. The incident involved the Jamie Oliver website being hacked and serving malicious files to visitors, potentially exposing them to malware attacks. The security experts identified the malware injection on the site and the site operators quickly removed the bug to make the site safe to use again. The incident was described as a low-level malware problem that was dealt with promptly, and the team expressed confidence that no data had been compromised [33673, 33686].
Behaviour omission, value, other (a) crash: The articles do not mention a crash as the behavior of the software failure incident. (b) omission: The software failure incident in the articles can be categorized as an omission. Hackers compromised Jamie Oliver's website by serving malicious files to visitors, which could take control of their computers. This resulted in the system omitting to perform its intended functions of providing a safe browsing experience for users [33673, 33686]. (c) timing: The articles do not mention timing as the behavior of the software failure incident. (d) value: The software failure incident can be categorized as a value failure. The attackers installed malware on users' computers, leading to the installation of more malicious software. This incorrect behavior of the system in allowing the installation of harmful software can be considered a value failure [33686]. (e) byzantine: The articles do not mention a byzantine behavior as the software failure incident. (f) other: The software failure incident can be categorized as a security breach. Hackers compromised the website, injected malicious content, and potentially took control of users' computers. This unauthorized access and manipulation of the system's security can be considered as another behavior of the software failure incident [33673, 33686].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence property, theoretical_consequence (d) property: People's material goods, money, or data was impacted due to the software failure. The software failure incident involving Jamie Oliver's website being hacked resulted in visitors potentially being exposed to malware attacks. Hackers could have taken control of users' computers if they had downloaded the malware, potentially leading to the installation of more malicious software. The attackers could use the compromised computers to launch further attacks, steal data, and send spam. While it is mentioned that no serious issues were reported and no data compromise was confirmed, the incident did involve a risk to users' property in terms of their data and potentially their financial information [33673, 33686].
Domain information, entertainment (a) The failed system was related to the entertainment industry as it involved the official website of celebrity chef Jamie Oliver, which provides recipes and news about the star to around 10 million visitors a month [33673, 33686]. (g) The incident did not directly involve utilities such as power, gas, steam, water, and sewage services. (m) The failed system was not related to any other industry outside of the options provided.
