It seems some people with good computer skills have entirely too much time on their hands. We regularly see attempts to hack into our servers, our client servers, and our hosting environment. An example: a hacker bombards a server with automated log on attempts using guessed passwords, sometimes referred to as a dictionary attack, or a brute force attack.
You might think these attacks are all from overseas. Some of these intrusion attempts come from overseas, and we can use country-blocking to address some of them, but that’s not the whole story.
There was a rather annoying hacker right here in the good ol’ USA that had some ‘favorite’ servers to target, servers under our care. We had gotten pretty tired of this, so we added a few tools; this really ticked him off. The hacker greatly expanded the number of servers to attack and the frequency!
Why are we sharing this with you? For this hacker, it was a game, then a matter of pride. For others, it’s all business; they want to encrypt the data, make the ransom request, get paid, and move on to the next one; nothing personal, just business.
Well, we’re in the business of protecting our clients’ servers and data. We have no intention of just watching this go on.
In the coming months, we have a few tools we will layer on to our security protocols in the hosting environment.
Like an intricate clock or a great piece of machinery (I love cars), having the right components can make things just ‘hum.’ We know that refining access to servers, fine-tuning the firewall settings, and increasing user authentication will further limit the number of attacks, as well as the risk of a breach.
So, in the coming months, if you use any of our hosting solutions – Private Server hosting, Multi-Tenant hosting – we will roll out these added features. This will include changes to the public access of the server you log into; creating a direct VPN ‘tunnel’ to our hosted environment; arranging additional authentication for remote users and those with laptops on the road. We’ll limit the number of log on attempts, after which the user (or hacker) will be locked out for a period of time.
This is in direct response to the onslaught of attacks we’re seeing, and it’s where the industry is going as we all look for ways to step up security and protect our clients. We’ll reach out to you with more details in the coming months! Any questions, give us a call – 630-850-9039 —CMW