Canadian Web Hosting Blog and News
3Jun/130

Protecting Your Website From Malware

When searching for your business online and you see this -

 

Your website and business are in trouble.  You’ve been hacked.  What should you do?

Every day, malicious users, hackers and cybercriminals attempt to compromise thousands of websites.  Hacks are often invisible to users, yet remain harmful to anyone viewing the page — including the site owner and/or business.   Every day, we see customers who unbeknownst to them, have been hacked and their site has become infected with harmful code which in turn can record keystrokes on visitors’ computers, stealing login credentials for online banking or financial transactions.

You may ask yourself, isn’t it my web hosts job to protect my server?  The answer is both yes and no.  Your web host, like Canadian Web Hosting, has most likely implemented strong network security mechanisms and other security features that ensure your service works properly including hosting your website.  However, where the most common misconception is that your web host does not control your server and your code for your website unless you are utilizing managed services.  In an unmanaged environment, each customer is responsible for updating their applications, website code and implementing services to protect their business.    We’ve seen some recent vulnerabilities with popular applications like WordPress that have severely impacted customer websites because they did not keep their applications up to date, even after receiving notifications that their code needs to be patched due to emergency vulnerabilities that have been identified.   These attacks range from server configuration problems, SQL injections, Code injection, error templates and many more.   It is also interesting to note that many customers fall into heavily targeted areas without even knowing that they are in a high risk geography.  Trustwave recently release a graphic that shows the most common areas of attack based on country.

So, if you’ve been hacked what should you do?   Here is where you ask yourself, do I want to handle it myself? Or get help?  Here at Canadian Web Hosting we follow-up a very rigid methodology to quickly identify malware/hacks on customers site, and have built a rigorous process to eliminate the hack as soon as possible.  Typically, we will look at the following steps:

1)      Scanning your site

2)      Quarantining the site

3)      Validating backup files

4)      Assessing the damage (hacked with spam or malware)

5)      Identify the vulnerability

6)      Clean and maintain the website

7)      24/7 Monitoring

Now, depending on your own expertise these steps range from basic to advance and may require a security professional to analyze the hack, remove it from your site/code and validate that your site is clean.  In the next article, we will spend more time talking about each step and identifying some best practices to minimize any impact on your business and your customers.    However, some simple steps can go a long ways in the event that an issue has occurred.   Check your user accounts and make sure you have unique passwords that follow secure password principles, update your web applications and operating systems whenever a patch is released, and utilize low-cost 3rd party security providers that can monitor your site 24/7 and will notify you of any potential vulnerabilities or malware attacks on your site.

There are a few services like this available today like stopthehacker and Sucuri that offer basic month-to-month or yearly costs to monitor your site and your reputation and notify you in real time when an issue occurs.  Recently, Canadian Web Hosting, the leading provider of web hosting and cloud-based Infrastructure as a Service (IaaS) solutions in Canada, partnered with Sucuri, the leader in malware prevention to deliver a cost-effective solution that is focused on malware detection and removal.  The reasons for this are several but are focused on several key principles – 1) extremely effective at identifying issues, 2) low cost threshold, 3) continuous updates to their database and security threads and 4) use of security professionals who review your site code and implement fixes.   This last point has been a key benefit for Canadian Web Hosting customers as it avoids common issues that we see with “automated” malware removal where the system just carves out the code without recognizing possible scenarios that will cause a site to crash or become unworkable.

Sucuri, works by actively scans all pages of customers’ websites for viruses and possible web malware threats to see if malicious users have injected harmful code into them. Additionally, Sucuri continually monitors potential new versions of malware and protects online businesses from any emerging threats.  Because of potential complexities identified in the process list above,  Canadian Web Hosting security experts take a very proactive approach work with our customers and will actively manage any malware notifications or possible attacks. In the event that an issue is identified, Canadian Web Hosting’s security teams take all necessary actions to rectify the situation including validation of clean backups and files, malware removal, and continuous communication with the customer.  Here are some of the features of Sucuri:

Standard Malware Detection
Advanced Malware Detection with Artificial Intelligence
Server-side Scanning including .htaccess Hack Detection
Webpage Defacement Detection
Phishing Page Detection and many more
Malware Cleanup
Blacklist and Reputation Monitoring
Vulnerability Assessment

Server Side Scanning
Speed Monitoring & Up-time Monitoring
WordPress Plugin

Working in combination with Canadian Web Hosting’s Secure IT platform, customers will benefit from using Canadian Web Hosting’s advanced Defense Network layer approach that both protects and monitor botnets, malware and a customer’s website's IP reputation to protect their users and networks from possible malware attacks. This includes malware prevention scanning that blocks inbound and outbound traffic by tracking malicious activities to their firewall gateways to enforce pre-determined security policies, as well as server side and website scanning that when combined are 85% more effective in preventing malware and malicious attacks when compared to traditional malware services.

31Jan/130

How WhatsApp Violated Canadian Privacy Law? Unencrypted messages.

Canadians know that we have much stricter online privacy laws than most of our counterparts around the world and with that said, as a company, Canadian Web Hosting, always follows and keeps track of stories that breach our Canadians laws. Why? Because Canadian people and Canadians businesses care very much about where their own data are stored which is right here on Canadian soil. Both of our data centres are located in Vancouver, BC, and Toronto, ON and as you can imagine, we pride ourselves in protecting our customers' data very seriously. Your online data.

WhatsApp
Photo © abulhussain on Flickr

Now, if you are the kind of user who enjoys apps and texting, you are probably familiar with WhatsApp Messenger, a cross-platform mobile messaging app which allows you to exchange messages without having to pay for SMS since the app uses your data plan instead of your texting plan. The app is readily available for iPhone, BlackBerry, Android, Windows Phone and Nokia.

A few days ago, the media reported that privacy commissioner Jennifer Stoddart said that the mobile chat app WhatsApp violated Canadian privacy law and needed to be updated to comply with all her concerns. The article states:

Investigators found messages were being transmitted unencrypted, which left them vulnerable to being intercepted by hackers, particularly on public WiFi hotspots. The company did begin encrypting messages in September in response to the privacy agencies. But Stoddart says WhatsApp still has work to do to resolve all its identified issues. She was unhappy that users were not getting adequate disclosure about how their status messages could be seen by people not on their contact list. The company says it will address the complaint in a new release expected in the fall.

If you're a heavy app user, you might want to think twice about the purpose of the apps that you are using and how one company is utilizing your personal contact information. We often blog about privacy and you can keep up by following our "privacy" tag. Recently, we wrote about data centre physical security, our deployment of SecureIT Botnet and Malware Prevention, and the roles of StopTheHacker and prevention.

If you're looking for additional information on this topic, you may email us at sales@canadianwebhosting.com, or call us at 1-877-871-7888. You may also contact us through social media on Twitter at @cawebhosting, through our Facebook Page or leave us a comment below.

Kevin Liang
CTO / SEO Guru

13Dec/120

Everything You Need to Know on Data Centre Physical Security

In today's ever-growing regulatory compliance landscape, companies and organizations are continually looking for alternatives to reduce expensive in-house IT hosting but continually run into the problem of meeting corporate governance and compliance requirements. What’s more, these companies are seeking to use services from companies like Canadian Web Hosting who can provide assurances that a strong control environment is in place, complete with data centre and physical security best practices.

The focus of this article is to take a deeper look at an equally important aspect of web hosting and that is looking at the facility that the servers are actually hosted in and outlining integral best practices that allow you to meet your governance needs and ensure that the servers are hosted in an environment that provides limited access and ensures physical protection. Because of this, Canadian Web Hosting’s best practices for physical and data centre security, which are tested by an independent CPA firm for SSAE16 (formerly SAS70) audit compliance, are implemented throughout all areas of a data centre, rather than being segmented to cover only specific areas and include both data centre facilities located in Vancouver, BC and Toronto, ON.

Why is it important to look for the SSAE16 auditing standard? Since 1992, SSAE 16 and SAS70 have been, and will continue to be, one of the most effective and well-recognized compliance audits for testing and reporting on controls in place at data centres.

Physical Security
So, how does physical security actually benefit the end user? Let’s take a deeper look at what types of best practices and physical security features each of our data centres has. It is important to note that these processes are the same regardless of location.

Built and Constructed for Ensuring Physical Protection
The exterior perimeter walls, doors, and windows are constructed of materials that provide Underwriters Laboratories Inc. (UL) rated ballistic protection.

Protection of the Physical Grounds
The data centre has physical elements in place that serve as a physical protection barrier that protect the facility from intruders.

Bullet Resistant Glass

Certain areas within the data centre, such as the lobby area and other entrance mechanisms, are protected by bullet proof or bullet resistant glass.

Security Systems and 24x7 Backup Power

The data centre's security systems are functioning at all times, complete with uninterruptible power supply (UPS) for ensuring its continuous operation.

Cages, Cabinets and Vaults

The physical structures which house equipment must be properly installed with no loose or moving components, ultimately ensuring their overall strength and rigidity.

Man Trap
Each data centre has a man trap that allows for secure access to the data centre "floor".

Electronic Access Control Systems (ACS)
Access to all entry points into and within the data centre are protected by electronic access control mechanisms which allow only authorized individuals to enter the facility. Included within the framework of electronic access control should also be biometric safeguards, such as palm readers, iris recognition, and fingerprint readers.

Provisioning Process

Any individual requesting access to the data centre are enrolled in a structured and documented provisioning process for ensuring the integrity of the person entering the facility.

Off-boarding Process
Any data centre personnel or clients utilizing the facility services must be immediately removed from systems that have allowed access to the facility itself. This includes all electronic access control mechanism along with removal of all systems, databases, Web portals, or any other type of sign-in mechanism that requires authentication and authorization activities.

Visitors
All visitors must be properly identified with a current, valid form of identification and must be given a temporary facility badge allowing access to certain areas within the data centre. This process must also be documented in a ticketing system.

Alarms
All exterior doors and sensitive areas within the facility must be hard wired with alarms.

Cameras
Each Canadian data centre facility has a mixture of security cameras in place throughout all critical areas, both inside and out, of the data centre. This includes the following cameras: Fixed and pan, tilt, and zoom (PTZ) cameras.

"Threat Conditions Policy"

Each Canadian data centre location has a "threat conditions policy" in place whereby employees and customers are made aware of changes in the threat level.

Badge and Equipment Checks

Periodic checks are done on employees to verify badge access and equipment ownership.

Local Law Enforcement Agencies

Canadian Web Hosting Management has documented contact information for all local law enforcement officials in the case of an emergency.

Paper Shredding
A third-party contractor is utilized for shredding documents on-site, then removing them from the facility, all in a documented fashion, complete with sign-off each time shredding is done.

Data Centre Security Staff
These individuals must perform a host of duties on a daily basis, such as monitor intrusion security alarm systems; dispatch mobile security officers to emergencies; monitoring to prevent unauthorized access, such as tailgating; assist all individuals who have authorized access to enter the data centre; controlling access to the data centre by confirming identity; issue and retrieve access badges; respond to telephone and radio communications.

Additionally, they should also conduct the following activities:
Response and resolution to security alarms; assistance for cage lockouts and escorts; scheduled and unscheduled security inspections; enforcement of no food or drinks on the raised floor area; Enforcement of no unauthorized photography policy; fire and safety patrol inspections.

Physical Security Features
Specific to each location, Canadian Web Hosting also utilizes several additional security processes that enhance the above best practices. This includes, but is not limited to, the following:

• Access to sensitive areas within the data centre is controlled with an electromagnetic badge and/or biometric access system that is maintained, administered and controlled by physical security or operations personnel
• Visitors must be pre-scheduled seventy-two (72) hours in advance and present a valid photo ID or and be pre-authorized to gain admittance to data centre facilities
• To gain access to secured raised floor area, visitors (and documented employee) must sign in and be escorted by authorized data centre personnel
• Monitored through surveillance cameras, CCTV and regular patrols by security and operations personnel 24 hours per day, seven days per week
• Areas housing critical IT infrastructure are protected by a two-door access control system
• Management maintains documented security policies and procedures to guide employees’ activities for controlling and monitoring physical access to and within the facility
• Digital surveillance cameras monitor and record physical access to and within the facility
• Video backups of surveillance activity for a minimum of 30 days
• A dual challenged badge access system that requires an access card and personal identification number (PIN) is used to control access and movement within the facility. This system logs facility access and is available for review purposes.
• Biometric fingerprint scanning is used to control access to the data centre, telecom and power rooms
• Combination or key locks and biometric scanners must be used to access server/network equipment

If you're looking for additional information on this topic, you may email us at sales@canadianwebhosting.com, call us at 1-877-871-7888, or contact us through social media on Twitter at @cawebhosting or through our Facebook Page. You could also leave us a comment below.

30Oct/120

Canadian Web Hosting Deploys Secure IT Botnet and Malware Prevention Across its Entire Network in Canada

Canadian Web Hosting has deployed Secure IT to increase network security that further protects business IT infrastructure for Canadian Web Hosting customers.

Vancouver, British Columbia, October 30, 2012

Canadian Web Hosting, the leading IT services and web hosting solutions, VPS, VM and cloud hosting services, announced today the deployment of Secure IT Botnet and Malware Prevention across its entire network. Secure IT is a combination of industry-leading technologies and partnerships that have been combined to create an advanced Defense Network layer that protects and monitors botnets and a website’s IP reputation to protect users and networks from possible malware attacks. Canadian Web Hosting customers utilizing this service will immediately benefit by eliminating attempts at data theft, reducing detrimental network activity, decrease spam to their inbox, and improve overall server and network performance. More importantly, Secure IT ensures that business infrastructure and IPs are protected and helps business customers remain competitive by improving productivity, and avoiding possible reputational damage.

Canadian Web Hosting StopIT Security

Canadian Web Hosting StopIT Security

The Botnet Defense and anti-malware technologies work by enabling Canadian Web Hosting’s network-based firewalls to block both inbound and outbound traffic by tracking, updating, reporting, and delivering malicious activities to the firewall gateway to enforce pre-determined security policies. The technology automatically stops any incoming or outgoing traffic including those coming from malware sites, and makes the host server invisible to the remote user.

"Over the next five years, the number of Web sites on the Internet will grow to almost five to seven times today's number, and more and more of those sites will become targets by inappropriate or outright malicious attacks," said Kevin Liang, Canadian Web Hosting CTO. "With these new technologies, we are providing a streamlined security platform that allows us to create custom white and black lists, lists for inbound and outbound blocking, as well as focusing on geographical regions or malware types. In doing so, we are able to remove a significant amount of malware for our customers. By giving our customers Secure IT, their content, systems, and reputation values will be protected from malicious attacks."

Today, botnets, spear-phishing, and related malware among the greatest network security risks. These malicious activities are designed to steal valuable data and control user machines and can cause great financial, competitive and reputational damage. Industry surveys show that botnet infection is near 100% for organizations of all sizes. For just a few dollars a month, Canadian Web Hosting customers can add the new defense layer to their plans and feel reassured that their IP, their business and their investment are secure. Contact Canadian Web Hosting today at 888-821-7888 or by email at sales@canadianwebhosting.com to find out how to get Secure IT Botnet and Malware Prevention today.

About CANADIAN WEB HOSTING Hosting
Since 1998, Canadian Web Hosting has been providing a 100% all Canadian service that delivers on-demand hosting solutions including Shared hosting, Virtual Private Servers (VPS), Cloud Hosting, Dedicated Servers, and IT as a Service for Canadian companies of all sizes. Through the use of innovative technologies and experienced support personnel, they continually focus on helping each customer by offering configurable solutions that are tailored to their exacting business requirements. Canadian Web Hosting guarantees a 100% network uptime, and a total money back guarantee that backs everything they do. Customers can get help by calling 1-888-821-7888 to get basic support. For more advanced technical support, customers can use email, ticketing or real time live chat support with support staff.

For more information, visit them at http://www.canadianwebhosting.com, or get the latest news by following them on Facebook and Twitter at @cawebhosting. This information can also be found on their site in the press room section or you may also view other related media content on their Pinterest page.

CONTACT:
Matt McKinney
Canadian Web Hosting
604.283.1728
mattm@canadianwebhosting.com

31Jul/120

A Common Trait Between an Olympian and StopTheHacker: Prevention

The 2012 Olympics in London are in full swing and like other tech and business bloggers, we feel the urge to make an Olympics’ reference to make topics more relatable to our audience and current events. At the time of this post, Canadians are currently 25th in the medal count leaderboard – 0 gold, 2 silver and 5 bronze. Go Canada go! (Why do we sound like Canucks fans? Sorry, we can't help ourselves.)

Olympics 2012 in London, UK

How does an Olympian’s Training Relate to Web Hosting Online Prevention?

If you happen to be an athlete, say a hockey player, you might already know that according to sports’ studies, athletes can prevent injuries by taking some prevention steps such as strength training, which is one of the benefits in building muscles prior to competing. Strength training is necessary to promote success and safety. As such, the main keyword connects to: prevention. It’s simple. Prevention is one of the elements in an athlete’s overall training and in the web hosting world, prevention is highly important when it comes to protecting your sites, including your blogs. Our team often blogs about online privacy topics, and this time, we want to share with you how StopTheHacker can help you and your business regarding online security. If an athlete gets injured, he or she will lose precious time with physical therapy and such. It’s the same thing with your sites, if you get infected, you’ll lose hours, days and maybe weeks trying to recover data and preventing that from happening should be a must, so please read on. We want to help you become more productive in business and for you to worry less.

What is StopTheHacker?

StopTheHacker is a cloud based website protection suite (AV for Websites) to help prevent, detect and recover from malware (and viruses) attacks. StopTheHacker's technology, supported by the US National Science Foundation, has won multiple awards since 2009, and is a leading application supporting customers all over the globe, protecting their online presence from emerging threats. Each edition comes with a different feature set tailored to each specific target group and varying security requirements.

What are the Key Features of StopTheHacker?

Standard and Advanced Detections. StopTheHacker comes with standard or advanced detections. The standard feature checks all of your pages on your website for known viruses and web malware threats to see if hackers may have injected malicious code into your website. When enrolled, the built-in notification system immediately informs you about any scans found, so you, or your web master, can take actions if needed. The advanced version, in addition to what the standard version does, protects the website from never-before-identified malware. It detects malware within the following website elements including HTML, Java Script, php, iframes to name a few.

Automatic Malware Cleanup. You may not be a security expert, or have the resources available to handle a malware attack. Therefore, the automated malware scanning system can remove it for you and you can decide which level of automations fits the best for you. Let StopTheHacker tool do the work for you, so that you can focus on what’s important for your business.

Blacklist and Reputation Monitoring. It is a comprehensive daily check on the status of your website on Google’s Safe Browsing List and other search engines including Yahoo, and Bing; malware blacklists like Malware Patrol and Malware URL; DNS Blacklists; phishing blacklists like PhishTank; spam blacklists like SpamCop; and many more. We will automatically notify you if your website ends up on a blacklist and help you to remove your site from the search engine blacklist.

Vulnerability Assessment. It scans to identify vulnerabilities in your server/application configuration, so you can patch them to prevent web-based attacks by bots and hackers. Today, the tool checks over 35,000 vulnerabilities on your server(s), website and infrastructure. We also check for web application vulnerabilities in some of the most popular software applications like WordPress, Drupal, Django, Joomla, Ruby on Rails, OpenCMS. Through these scans, we can uncover vulnerabilities in custom installations too.

Other Features. They include speed and up-time monitoring, Facebook protection and because it’s cloud based, there’s no software to manage and it’s easy to set up. All services are offered on Software as a Service (SaaS) platform, and they are run outside the firewall.

How can a Customer Take Advantage of StopTheHacker?

It’s easy to implement StopTheHacker for your web hosting prevention needs, contact our sales teams today at 888-821-7888 or by email at sales@canadianwebhosting.com. Our expert team will work with you to examine your existing infrastructure and to relate back to our introduction, as strength training helps sports performance, it is important to remember that it is only one component of an integrated program, and compared to web hosting, prevention is only one of the components too. When you reach out to us, we can help you identify next steps to leverage our industry best services with Canadian Web Hosting along with prevention tools like StopTheHacker. Prevention is key, so don't wait!

What other online tools do you use to prevent your online sites? Please share your thoughts by leaving us a comment, otherwise, you may catch us on Twitter at @cawebhosting or on our Facebook Page, on a social side, we'll even chat with you about your favourite Olympics' event.

Kevin Liang
CTO / SEO Guru