The Post picked up my story on the CSIS hacking.
I’m still perplexed by the comment from Tahera Mufti, a media liaison officer at CSIS, who said the websites are fine, when they clearly aren’t. I can only think of two explanations:
- The charitable explanation: CSIS fixed the sites after I first posted about the problem here and the search engines just haven’t caught up.
- The non-charitable explanation: CSIS really does not understand the nature of the problem and didn’t see they had been hacked.
I also learned on the weekend that developer Sean Walberg had noticed the Viagra spam as far back as January. He took a screenshot of the hacking that shows it differently from my examples.
On Friday, you could still see this kind of result by viewing the Google cached versions of the infected www.csiscareers.ca pages but now those pages show a 404 message, which indicates to me that CSIS is actively clearing this up. As of this afternoon, Yahoo cached pages still show the infection, which makes sense since Yahoo (which is powered by Bing) doesn’t crawl as often and is slower to take account of changes.