Politically motivated hactivism is a rampant threat to Middle East government and enterprise organisations and cyber terrorism groups have successfully leveraged web-site defacement to shame businesses and spread their ideologies.
To address this growing cyber threat, Help AG, an information security services and solutions provider in the Middle East, has unveiled the new anti-defacement feature of its Co-ordinated Threat Mitigation (CTM) service. Customers can now avail of a 24/7 web-site monitoring service that guarantees defacement mitigation in under 30 seconds.
With groups such as Anonymous and the Syrian Electronic Army taking the fight to the cyber battlefield, Stephan Berner, Managing Director at Help AG believes it is time for organisations to take affirmative action. “For many Middle East customers today, a company’s website if their first and primary association with the brand. Defacement of the portal can therefore have significant negative impact on their perception of the brand. Understanding this, Help AG has created a solution which mitigates defacement and leaves our customer’s image untarnished even if they do fall victim to such an attack,” he says.
Help AG’s new anti-defacement service offers 24/7 monitoring of the website and triggers an automated response if the content is found to be outside of the allowed parameters. Visitors are then presented with a cached version of the website or a message informing them that the service is temporarily unavailable. Help AG has ensured that this reaction time is minimal thus almost eliminating the possibility of users being aware that an attack was carried out.
This service is part of Help AG’s broader CTM offering which is cloud-based. The company has made sure to address two of the primary cloud-related security concerns i.e. sharing of information with a third-party provider and data storage at an external location. Stephan explains, “We carry out all the processing at the customer’s site and only extract generic data that does not contain any sensitive information. Furthermore, the service is hosted in a data center within the Middle East itself and is therefore not subject to any other nations’ laws that could potentially jeopardize the security of the information. We have been completely transparent in our approach which is why even government customers with the greatest security demands have not hesitated to sign up for the service.”
CTM, which was announced by Help AG late last year, also includes a robust challenge-response based user identification mechanism. This bars access for malicious users and also helps identify and block automated tools-based attacks which are easy for attackers to execute and have a shockingly high success rate. The company is currently leveraging this service to build a central intelligence platform that will serve as a comprehensive threat data-base for all customers that sign up for the service.
“Web-site attacks are executed in phases and attackers largely rely on tools to first probe a target’s website to uncover details regarding the servers and security mechanisms that are in place. By identifying and blocking such requests in the initial stages, Help AG prevents the exposure of such sensitive information thereby greatly tipping the scales in favour of our customers,” says Stephan. Another advantage of the identification service is that it eliminates the large volumes of log entries typically generated by requests from malicious users, thus allowing organisations to identify and focus on a significantly smaller set of logs.
Both features of Help AG’s CTM service are now available to customers and further details are available on the company’s website.