Technopark-based Mirox Cyber Security and Technology, a leading firm on cyber security, advocates security audit for every website. The corporate website of leading multimedia company AMTECH, which was hacked by Pakistan Hunters, a Pak-based hacking group, was recently recovered by the Mirox team after seven days of work.
The website of the company was defaced and complete control was taken over by the hackers. The recovery process initiated by the cyber security firm included a cyber-forensic investigation and VAPT (Vulnerability Assessment and Penetration Testing) to avoid similar incidents. VAPT is an independent testing and certification of the IT vulnerability management system which makes it convenient to run tests over the Internet anywhere, anytime.
CEO and founder of Mirox Cyber Security & Technology Pvt Ltd, Technopark, Rajesh Babu said: “The corporate website of AMTECH was recovered, and we regained complete control of the server. We identified various loopholes and vulnerabilities in the website servers by which the hackers were able to easily hack this website. We also found out the presence of ‘backdoors’, which is a mechanism that allows the hackers to regain complete control over the website wherever and whenever they wanted inside the hosting server.”
Rajesh said recovery of a hacked website would normally take 7-15 days. “The time of recovery will depend on the control gained by the hackers. Sometimes, it may be just 48 hours to get back the site. Sometimes, they might access the control panel, then it would take 7-15 days,” he said.
The Mirox team has drafted a VAPT report on the hacking of AMTECH website and submitted it to CERT-In, the cyber cell of Kerala Police and IT Secretary P H Kurian.
Rajesh said all websites must undergo security audit every three months. “This will reduce vulnerability to hacking. We can’t say it is 100-per cent secure. But with periodic checking, the hackers may take five months, instead of 10 days, and in between, we could do the review,” he said. Rajesh said that more and more people were now becoming aware of hacking.
“We would like to urge all the companies and organisations to do a thorough security assessment and perform periodic VAPT on the web server before and after hosting the company’s website or any applications on any hosting server,” Rajesh added.
Comments
0 comment