Best web application security practices to apply if a backdoor is found

Sep 5 2019
3 min
Valentina Biciuc
Marketing Specialist

Here at Wolfpack Digital, we are all into Cyber Month Prep. Suddenly in the middle of August, when nobody was expecting it, a backdoor was found in a Ruby gem. It was like seeing Santa in your backyard wearing Hawaii flower-power clothes - very unexpected for our web application security!

We use Ruby on Rails for building apps, and in case you are not familiar with it, we have written an article about what the <hack> is Ruby on Rails and why is it important for your product.


1.   What’s up with this latest Ruby Backdoor - the threat and possible damages

The Ruby backdoor identified in August 2019 was found in a Ruby gem that has been widely used by developers worldwide (113 million downloads) when building web apps.

The affected gem is rest-client. It seems that hackers inserted malicious code in order to send data from apps to external servers. The affected versions are rest-client 1.6.10 to rest-client 1.6.13.


One of the Ruby sustainers has explained what kind of information hackers can collect.


“The data most exposed to this leak is login credentials, used to access databases, payment systems, among other platforms.”

- Jan Dintel


2.   Implementing best web application security practices 

Here is how we kept our web apps safe. In less than 2 hours, the entire Wolfpack Digital team knew about the issue. Florin, our Head of Web Development, provided instructions with quick steps to ensure the web application security of our projects.

Our technical team did an ‘X-ray’ check on all the web apps in our portfolio in order to detect the projects where the rest-client Ruby gem had been used.


“It’s a serious situation. We need to search for Gemfile.lock files containing one of the malicious versions in all codebases we are responsible for. Check the versions that have been used. In case you identify an anomaly, we have to update to a safe version and do an immediate release.”

- Florin, Head of Web Development
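
A minimal sketch of the Gemfile.lock search described in the quote above, added here as an illustration and not Wolfpack Digital's own tooling. It parses the resolved `specs:` entries instead of grepping, so a dependency constraint is not mistaken for an installed version and rest-client is caught even when it is only a transitive dependency; the sample lockfile is constructed and `some-api-wrapper` is a hypothetical gem name.

```ruby
require "find"

# Affected range as stated in the article: rest-client 1.6.10 through 1.6.13.
AFFECTED_GEM = "rest-client"
AFFECTED_MIN = Gem::Version.new("1.6.10")
AFFECTED_MAX = Gem::Version.new("1.6.13")

# A resolved gem under "specs:" is indented exactly four spaces; six-space
# lines are only another gem's constraints, not an installed version.
SPEC_LINE = /\A {4}(?<name>[\w.-]+) \((?<version>[^)]+)\)\s*\z/

# Returns every version of gem_name pinned in the given Gemfile.lock text.
def locked_versions(lock_text, gem_name = AFFECTED_GEM)
  lock_text.each_line.map do |line|
    m = SPEC_LINE.match(line.chomp)
    # Drop a platform suffix such as "-x86-mingw32" before comparing.
    m[:version].split("-").first if m && m[:name] == gem_name
  end.compact
end

# Gem::Version compares numerically, so 1.6.9 < 1.6.10 (a string compare would not).
def affected?(version)
  Gem::Version.new(version).between?(AFFECTED_MIN, AFFECTED_MAX)
rescue ArgumentError
  false
end

# Walks root and returns [lockfile_path, version] pairs that need an upgrade.
def scan(root)
  hits = []
  Find.find(root) do |path|
    next unless File.basename(path) == "Gemfile.lock" && File.file?(path)
    locked_versions(File.read(path)).each { |v| hits << [path, v] if affected?(v) }
  end
  hits
end

# Constructed sample lockfile; "some-api-wrapper" is a hypothetical gem.
SAMPLE_LOCK = <<~LOCK
GEM
  specs:
    rest-client (1.6.13)
    some-api-wrapper (0.1.0)
      rest-client (~> 1.6.9)

DEPENDENCIES
  some-api-wrapper
LOCK
puts locked_versions(SAMPLE_LOCK).map { |v| "#{v} affected=#{affected?(v)}" }
```

Calling `scan` on the directory that holds your checkouts returns one pair per codebase that still pins an affected version and needs the update and release described above.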


The results of our security audit have shown that all our web projects were safe. We used the updated versions that weren't affected by the hackers. 

Now we can be at peace since we acted by the book and we can continue our normal day-to-day coding.


3.   Cybersecurity tips for app development companies 

Cyber attacks are on the daily agenda of the world’s leaders. They are starting to affect every aspect of daily life: personal data privacy, business and government systems security, together with terrorist cyber attacks.

Here are some of the cybersecurity tips that app development companies should consider: 

  • Always make sure you regularly test the products you are building in order to detect vulnerabilities ahead of time; 

  • Adopt strong authentication measures for your web and mobile apps to keep the intruders away; 

  • Check the issues of the open-source library you're about to use and make sure to keep up with the security updates.

A little piece of advice for Ruby gem maintainers - you should consider enabling two-factor authentication on your account. Also, make sure nobody will ever release an update containing malicious code. Check this guide on how to do it.


What we've learned

The story of the August 2019 Ruby backdoor is just an example of how an app development company can react quickly to fix an issue that could have directly affected its clients.

The best thing about being in the tech field is that we have the right expertise and resources to immediately fix any malicious threat. Our responsibility is to make sure that the clients that have chosen to work with us won’t be affected by the hackers.

We are back to developing powerful web and mobile apps. Rest assured that our web application security practices will always help us deal with any cyber threat.

Looking for a trustworthy partner to build a secure mobile or web app for your business? Give us a sign and we’ll take care of the safety of your idea.
