Auckland-based network implementer Logical Networks has launched a service that promises to fix up defaced websites in minutes.
The service has been added to Logical's flagship Secure24 security offering, developed by the company and technology consultants Optimation.
The defacement of websites by hackers appears to be increasing - the attrition.org website no longer keeps a record of defaced sites, saying it could not keep up. Fears about more serious attacks than just defacement - replacing text and images with the hackers' own - are also rising. Last week the US-based Business Software Alliance reported that 60% of larger US business expect a major cyberattack within the next year, though 45% were unprepared for one.
Logical security product manager Lindsay Zwart says the service works by the company remotely monitoring the availability of the website and discovering if there are any changes. Logical looks at the checksum value - a form or encryption or unique signature given to any data. If the checksum has changed for the worse, Logical can create a replacement page within minutes.
Secure24, which was developed over 18 months, offers a variety of security functions including antivirus, patching and remote monitoring of firewalls and intrusion detection. It takes the output from a wide range of security-related devices on a customer site - including firewalls, intrusion detection and virus protection systems, and remote access servers - and converts them into a single common format within a logging server. There it applies intelligent filtering rules and pattern detection to determine which incidents are routine and which warrant further investigation or intervention.
"All of the bells and whistles around monitoring and alerting comes in one package," says Optimation's Auckland manager, Robert Lilley.
At regular intervals data from the database is uploaded to a central analysis server in Logical's operations room in Auckland. This keeps a long-term record of security events on the customer's site and provides the opportunity to analyse and report on events and provide recommendations.
Secure24 was rolled out a year ago and has since been deployed across New Zealand, England and the US. The service claims 10 customers in e-commerce areas such as utilities, banking, technology and agriculture.
Lilley says he cannot identify clients due to their sensitivity about security. But he adds Optimation and Logical, who are responsible for testing, both use the system themselves.
Fellow security company Co-logic Security believes that while some website mirroring software exists on the market, this is the first time a web defacement service has been offered in a security package.
Technical director Arjen de Landgraaf describes Secure24 as a "very smart service" warning on current conditions, whereas his E-Secure IT service is more forecast-based and predictive.