Obsidian Group is a human asset management firm focused on delivering results-oriented consulting services. Founder and President, John Perry, serves his clients by concentrating on four primary segments: human resource consulting, talent acquisition, marketing services and small business solutions. Perry has built his business on the belief that talent and human assets drive culture and success. With this mindset, Obsidian Group has helped its clients achieve their goals for over 13 years.
“We started Obsidian Group in 2003, primarily as a talent acquisition company in the IT, finance and accounting space,” Perry says. “During the economic turmoil of the late 2000’s, we enhanced our offers to include consulting in the HR, small business and marketing arenas. When we did this, our website had to be first class and reflect the professionalism of our firm. It is our face to the business world and critical to our success.”
The Obsidian Group website, obsidiangrp.net, was redirecting to another, unintended website. When site visitors attempted to visit obsidiangrp.net, they would end up on a malicious website instead. Hackers use website redirects to steal site traffic and data. Redirects can also negatively impact a company’s reputation.
“We use our site not only for potential customers to view our credentials, but also as a way for us to post jobs and solicit candidates’ resumes and credentials,” Perry says. “When it’s down, we instantaneously lose the talent business, our prime source of revenue.”
Solution and Result
The SiteLock team implemented security solutions specific to the site’s attack. Obsidian Group needed a solution that would not only fix the issue, but also prevent it from happening again. The SiteLock® SMARTTM scanner and SiteLock® TrueShieldTM web application firewall were placed on obsidiangrp.net.
SiteLock SMART scans obsidiangrp.net daily in search of malware signatures and links. Over 100 pages and 200 links are analyzed each day, providing the firm with constant surveillance. SMART will advise Perry if any files have changed since the previous scan, helping him determine who has been accessing his website and when. SiteLock reviewed the site’s SMART scan statistics from a 30-day time period and found that over 70,000 files were scanned for malware. If SMART finds malicious files or code on Perry’s website, they are removed automatically.
SiteLock TrueShield web application firewall actively protects Obsidian Group from malicious traffic and harmful requests. With TrueShield, safe traffic is allowed to enter the site, while harmful traffic is blocked. The website’s WAF statistics were reviewed from the same 30-day time frame, revealing that over 360 bots were denied access to obsidiangrp.net. SiteLock blocked four SQL injection attempts, a technique cybercriminals use to attack data-driven web applications. A total of 21 bots were asked to complete a CAPTCHA challenge, in which all 21 failed to pass.
Perry reflects on his website hack, “WordPress security plugins do an adequate job, but you need something more effective to monitor and prevent attacks from re-occurring, as the disruption is chaotic for any business owner. Cybersecurity is needed now more than ever.”
“Knowing your site is 99.9 percent secure with SiteLock allows you to concentrate on what you do best and let them work on what they do best.”