In 2015 WebARX (idea-phase) participated in an ICT accelerator program in the Czech Republic where WebARX was awarded the 3rd place. After building the first version of the prototype, we were chosen to the European most known Cyber Security program, Cylon, where we managed to raise additional capital for final development and product launch. Today, WebARX is open for free sign-ups. Since we have our private threat intelligence, we began building a Web Application Firewall (WAF) for the most popular content management systems (CMS) like WordPress. As we were building an all-in-one solution, we’ve enhanced the platform by adding important functionalities, such as; uptime monitoring, vulnerability monitoring, domain reputation monitoring, integrations (Slack), alerts and domain threat intelligence (alerts when a domain is mentioned in hacker forums or underground communities). The uniqueness of WebARX comes from its private threat intelligence, which the company is also providing to national CERT’s and is powering the CMS-based web application firewall. We analyze around 3,000 hacking incidents every single day. We know all the latest attack vectors being used, as well as the software that is mostly targeting automated hacking tools.
Can you describe the profile of a typical website hacker? Who are they, what motivates them, and what are they aiming to achieve?
There is a popular misconception where people think that hackers never target their website because the site isn’t popular or doesn’t hold anything valuable. This is wrong, for the following reasons:
Most of the attacks are targeted against popular software not against a specific company. Your website and web server (that you paid for) is already a valuable resource. SEO domain reputation damage and stolen traffic are often equal to losing money.
When it comes to motivation, first of all, there are those who are motivated by money. They usually redirect website traffic (also SEO spam), infect sites with cryptocurrency miners, infect visitors with the use of exploit kits, or just use the compromised sites to send out email spam. Secondly, there are defacers and hacktivists who are either motivated politically or religiously. Mostly opportunistic teenagers, who use pre-built scripts and software to attack as many websites with known vulnerable software as possible and leave their message (defacement) on the website. These are the easiest to detect and often use the same methods as the first group. There are also more advanced threats that are more targeted against a specific company/organization, but the motivation still tends to be financial, political/religious, or sometimes personal.
How can a marketing department with multiple accounts and lots of online presence protect itself against cyber threats?
Nowadays it’s essential to have password management tools like Keepass. The core point is not to re-use the same password twice, because most incidents happen when attackers steal credentials and link them with different accounts. General cyber hygiene should be in place (Antivirus software, website firewall, etc.). In most cases, the person behind the machine is the one clicking the buttons and getting the computer infected, so I would say cyber awareness and training are essential inside the company and it should be discussed with employees on a regular basis. If the marketing department is spinning up a lot of landing pages and public sites, they should have a complete overview of every single site they have, know what software is used, and make sure everything stays up-to-date. Additionally, set up alerts if something goes wrong to react as fast as possible to protect the SEO rankings and domain reputation. It always feels good to have peace of mind and have some extra time for updating the software on critical moments by protecting the websites and landing pages with the web application firewall.
How do you foresee the future of cybersecurity?
There are so many cybersecurity professionals missing in the IT sector which is also a sign that companies (especially SMEs) can’t afford internal cybersecurity teams. I think a lot of these companies are going to look for managed services. I personally think that digital agencies who are building websites and are often the first touch for a new-born company that help them to “enter the online” - are going to be the ones introducing the risks that come with “being online”, eventually shifting into managed service providers in upcoming years. This is exactly where we are positioning ourselves as helping the digital agencies and web development freelancers to transform their business into the new age.