This question, from a small-site owner with tens or hundreds of visitors per day, is an unfortunate but all too familiar one.
One morning I started getting emails from my customers complaining that their antivirus reported my site as infected and won’t let them in. It must be some mistake because I don’t have an e-shop. There is just a contact form and information for customers. Is it possible that someone is attacking my business?
Why do hackers attack small webpages when there are larger targets?
Small websites have a very low frequency of updates, and the possibility that somebody would find and fix malicious code is almost non-existent, which make them attractive targets to hackers. Hackers seek unpatched pages based on open-source solutions because they can attack them quickly and easily. These pages are later used for sorting users – by those who have vulnerable applications on their computer and by those who cannot be attacked – or simply to hide their true identity. Attackers close “the door” behind them by patching the vulnerability that leads them in and simultaneously create another backdoor, only for them, so the page does not show as suspicious when tested for vulnerabilities.
In general, there are three common types of hacking events a web administrator could encounter:
This type is recognizable on the first look because the site has been changed to display a message from hackers showing off their skills and mocking the web administrator. This is usually a less harmful attack, and although your page was deleted, you don’t have any financial loss because the motivation for this attack was to show the lack of security on your pages and get credit from other hackers. People which make these attacks usually follow the rule, Don’t learn to hack, hack to learn.
For example, there are PHP shells that lets you select the method and reason of defacement and post it online. The image below shows part of a PHP-shell that sends statistics.
According to statistics from Zone-H, there were 1.5 million sites defaced during 2010, and the screenshot to the right shows the reasons for the attacks. A million and half seems like big number, but these are only documented attacks and the actual number would be much higher.
During the last few years, defacement has been used to display political or ethical opinions by attacking sites with lots of daily visitors. This is turn attracts media and gets as much attention as possible. Even antivirus companies are not spared, as you can read in a recent article about the hack against AVAST.
Those of you who manage Windows servers and endpoints for SMBs or enterprise will be interested to read the latest review of avast! Endpoint Protection Suite from eSecurity Planet. Technology journalist Paul Rubens looked into the nuts n’ bolts of our business product and found the same award-winning multi-layered protection approach as the consumer products –with the addition of server protection and a choice of two central management consoles, Small Office Administration or Enterprise Administration.
The web-based Small Office Administration console is designed for companies with up to 200 end users. Unskilled administrators have a user-friendly central window which controls all functions of endpoint and server security. Despite its simplicity, it offers remote installation and updates of endpoint software, scanning and remote running of scan jobs, and virus activity reporting. There’s also an auto-discovery of new/unprotected or “rogue” machines connected to your company network.
The Enterprise Administration console is accessed as a Windows application and offers sophisticated functionality for skilled IT staff. Admins manage devices organized in a hierarchical tree structure based for example, on the geographical or organizational structure of their network, which makes it possible for them to assign administration access rights and policies. It also includes customizable alerting so they can receive a warning by email regarding activity on your network that warrants their attention.
My first couple times meeting Chris Cantoro, I didn’t know what to think of him but, compared to the Czech personalities I most often work with, I initially thought he was ‘arrogant’. After a few months, however, I had the opportunity to work with him more on various projects, and I discovered that what I’d initially (mis)perceived about him was actually more of an extroverted confidence. As a ‘foreigner’ myself in Czech lands, I started to suspect that his native Italy was somehow involved. The more I’ve gotten to know Chris, the more I’ve appreciated the worldly humor and relaxed energy he brings to our work environment. (BTW, the name ‘Cantoro’ means ‘Singer’ in English, and he can sing in five languages.) – Jason Mashak
1. The general public is often confused about how AVAST remains stable with a ‘freemium‘ model as our flagship product – can you explain how that works?
Everybody has a PC at home, in most cases more than one. We offer a FREE solution for domestic users as we believe everybody has the right to enjoy Internet and at the same time to be protected. If people are happy with our FREE product, then they will consider it also for their business, and they will buy it. Our key marketing strategy has been that the best way to show people we have the best product… is to offer it for free. Read more…
My interactions with Jitka have been brief – she is a no-nonsense kind of person, and so you’ll almost never see her having a chat at the coffee machine. In fact, I don’t think I’ve ever seen her in one place for longer than a few seconds, unless she has to sit for a meeting or at her desk. At AVAST for almost 5 years, Jitka oversees the interactions between AVAST Software and our business partners around the globe. I of course had to interview her via email, as I doubt she’d ever have time to meet with me. –Jason Mashak
1. Would you say that AVAST Software partners basically enable avast! users to have contacts and support in their own regions and languages, or is it not so simple?
To make it clear from the beginning, our business partners focus on the corporate and SMB segments rather than on home users. When potential customers make contact, our local partners only have a few minutes to establish trust and credibility. Fortunately, combining one of the best-known antivirus brands with our partners’ sales skills and marketing activities has been a simple and effective strategy for this.
Our business partners help alleviate fear of fraud, provide support in the local language(s), design or implement customized deployments, etc., enabling companies searching for an antivirus product to put their trust in avast!
2. How do avast! business partners help contribute to the direction of avast! products or services? Read more…