In an age when IT security is becoming a routine requirement rather than an annual audit we look at the the weak link in most companies is Website Protection.
Routine IT Security
In a typical modern business, IT Security relies on a layered approach, Firewalls separate departments from each other and UTM Firewalls protect the company from Internet threats including zero day attacks. Domain controllers have centralized update management and anti-virus/malware control of the end-points (the computers on the network). Monitoring systems alert the IT team to failures of software, hardware and also when rules break boundaries that may indicate an issue.
In comparison, the website often has little in the way of Website Protection, security or controls beyond basic password control. True, the website may not be hosted on a company server; also, the company website may not be much more than a marketing tool with no “live data” being held with regard to customers. It is often these sites that are considered “low hanging fruit” by hacker.
Website Protection and the Hackers strategy
So, your website has no data to attract a hacker, why would they be interested? The answer is the reason you have a website in the first place. Traffic. The more website visitors you have, the more useful the website is to a hacker. Here are some of the uses old and new:-
- Malware distribution
- Traffic diversion
- Advertising revenue
- Email data capture
Lets take these in reverse order, first of all, email data capture. If a hacker can access the web server then they can change the code on information request forms. If a hacker was to copy themselves in on any contact form messages, they would capture email addresses. These addresses could be used to contact your company in a Phishing attack. Used to be common, not so much these days.
Number 3 on the list is advertising revenue. Adding advertising to your site may generate revenue for the hacker. A YouTube video that shows an advert at the start generates income. If the hacker adds an advert to a popular page on your site and people watch the video, then your site could make them a tidy sum of money.
As rare as the first two items are, this next one (number 2) is still popular with some hackers. They send visitors to one of your website pages to another site that generates them income, your website SEO work has generated the traffic that they re-direct to their money making pages.
By far the biggest reason hackers will try to gain access to your site is to add malware to your site, this is a really big money maker for the hacker. Adding a small piece of code that downloads malware to the visitors computer. There is, unfortunately, very little chance the anti-virus software will block it; and unfortunately, may people are in the bad habit of allowing things to load from websites that they are interested in, even if the warning comes from their anti-virus program.
The computer that has just been infected now reports all common vulnerabilities on the computer that just got infected to a command and control server that now uses the connection the the captured computers to utilise they vulnerability to send something more dangerous like ransomware to the computer. Now the hacker can earn some serious money by holding the computer to ransom.
All websites are at risk unless some action is taken to actively protect the website. What is even more frustrating is that the hosting company won’t take too long to work out that the extra data traffic to and from your website has some unusual content. Within a week or so you will find your website is down, contacting the hosting company you will be told their T’s & C’s clearly state they have the right to take your site down if it represents a threat or if it is used for illegitimate purposes. All this because there is no Website Protection. You will have to provide a clean copy of the website and prove it is clean before the site can go live again. The bad news is, that hasn’t fixed the vulnerability. The vulnerability is still there, so what can you do? Get some Website Protection, of course.
We have searched the best solutions and then chosen the simplest solution to install, manage and budget for. The Starter License will tell you there is a problem and what the problem is. The Pro license is equivalent to the Starter plus protection from Distributed Denial of Service attacks, these attacks result in the website being unreachable for visitors, so this level of protection is ideal for small businesses. The Premium license is aimed at small and medium businesses that take their online presence seriously, it provides full protection as well as a security team to repair issues for you.
The 29 PoPs is something very special, essentially these are 29 clones of your site distributed globally. That means that hackers will often waste time trying to take down a clone, but it also means your site is always available to visitors. Best of all, because Google and other search engines rank your site based on a range of criteria including the load time (the time for a page to load – exceptionally important currently), one of your global clones is almost guaranteed to be closer to the Google server reducing the load time and increasing your Google ranking! Hey presto – improved SEO as well as website protection.
The Started license: per domain is £82.50 for 1 year (£9.90 per month) … it offers monitoring of web site but no SOC team support.
The Pro license: per domain is £207.50 for 1 year (£24.90 per month) … it offers monitoring along with DDos protection.
The Premium license: per domain £332.50 for 1 year (£39.90 per month) … this is the most popular license it offers Full SOC team support, SIEM… virtual patch for Zero day attacks/ removal of Malware , CDN with 29 PoPs, OWAP protection, WAF