Industry Cloud Architecture Best Practices


Businesses that are more centrally attached to a certain industry do tend to be ones that do not have as much of their success invested in e-commerce or, put more simply, are less reliant on having a certain type of web presence. But countering that is the fact that often they have a greater amount of their investment connected to profit-generation capacity that is related to the infrastructure of their operations.

Industry clouds are a good example of that, and we’ll skip the W5 overview of them and go right to saying that industry clouds are nearly always vertical for obvious reasons. They also need to be a more agile way to manage workloads and accelerate change against the particular business, data, compliance or other needs of their segment.

The last part of that is important to note, as business compliance needs are a characteristic of operations for these types of very industry-connected businesses in a way that is not seen at all for most of them that are strictly commercial in their operations.

So yes, the vast majority of businesses operating commercially and nearly all in online retail will be the types that make the services of a good Canadian web hosting provider part of their monthly operating budget. You’re basically invisible without a quality website and developed online presence and identity these days, and providers like us are just conduits that make your website up and visible on the information superhighway.

Data Fabrics Factor

Industry-aware data fabrics are in many ways the biggest part of how these clouds differ from conventional or community clouds. Innovative technologies and approaches are a close runner-up, but one constant is that using industry-specific services will add cost and complexity. There will be more value returned to the business but it’s not a simple or straightforward equation for exactly what and how is the best way to make that happen.

Investment in industry clouds is really taking off now as companies seek higher returns on their cloud computing investments, and these are investments they’ve had no choice but to make. As industry-related technology becomes better and more available, enterprises that climb on the industry cloud bandwagon today will be better positioned for noticeable successes in the future.

Many major public cloud providers do not have industry-specific expertise but are partnering with professional services firms and leaders in banking, retail, manufacturing, healthcare, and other industries. The result is a collaboration between people who understand industry-specific processes and data and people who understand how to build scalable cloud services.

Best Practices

A. Understand the Complexities of Service Integration, and Costs Attached to Them

For the longest time IT was dominated by service-oriented architecture concepts that are systemic to today’s clouds. Industry-specific services or APIs that could save us from writing those services ourselves weren’t ideal, but they were readily available. Programmableweb.com is a good example of where many went to find these APIs.

Today you’re more likely to be weighing whether or not an industry-specific service should be leveraged at all. This is the ‘build-versus-buy’ decision that people talk about in relation to this. The considerations are the cost to integrate and operate a service versus the cost to build and operate it yourself. Using OPC code is what most people opt for, but that choice can come with unanticipated costs and much more complexity than you planned on.

To master this best practice, just ask the questions and do the math. You’ll find that the cost and complexity usually bring back more value to the business. Not always though.

B. Ensure Systemic Security Across the Board

Sufficient security with industry-specific clouds is never to be assumed. Those sold by the larger cloud providers may be secure as stand-alone services but then turn into a security vulnerability when integrated and operated directly within your solution.

The best practice here is to build and design security into your custom applications that leverage industry clouds, and to do so with an eye to ideal integration so no new vulnerabilities are opened. The best approach is to take 2 things that are assumed to be secure independently, and then add dependencies as you see fit to change / improve the security profile.

C. Seek Out Multiple Industry-Specific Services & Compare

It is fairly common for platforms to be built with use of industry-specific cloud services from just one provider. That may be the easy way to move forward and often you’ll feel fairly confident in your decision based on your research or referrals. But just as often the best option is on another cloud or perhaps from an independent industry cloud provider that decided to go it alone.

It’s good advice to say you shouldn’t limit the industry-specific services that you are considering. As time goes on, there will be dozens of services to do tasks such as risk analytics. You will be best served by going through long and detailed evaluations of which one is the best fit based on your structure top-to-bottom, as well as taking your operation dynamics into consideration too.

DRL Deep Reinforcement Learning for Better Cybersecurity Defences


Needs usually diminish, and that’s the way it goes the majority of the time for whatever reason. But as so much more of the work and personal worlds for people has gone digital and an ever greater amount of everything is in the Cloud, there is so much opportunity out there for cyber attackers to go after and attempt to acquire valuable data and information. From malware to ransomware and all wares in between, they’re out there and they’re becoming more complex right in step with how the digital world makes its own daily advances.

Here at 4GoodHosting, like any other good Canadian web hosting provider, we have hosting SSL certificates that can secure a website for basic e-commerce purposes. But that’s the extent of what folks like us are able to offer with regards to web security. Cybersecurity is a much larger umbrella, and a more daunting one if it’s possible for an umbrella to be daunting. But fortunately there are much bigger players at work on defences so the good guys still have a chance of staying intact in the face of ever-greater cybersecurity threats.

One of the more promising developments there recently is Deep Reinforcement Learning, which is an offshoot of sorts from other artificial intelligence aims where researchers found cross-purpose applications for what they’d been working with. So let’s use this week’s blog entry to look at this, as these days nearly everyone has some degree of an interest in cybersecurity, if not an outright need for it.

Smarter & More Preemptive

Deep reinforcement learning offers smarter cybersecurity, the ability for earlier detection of changes in the cyber landscape, and the opportunity to take preemptive steps to scuttle a cyber attack. Recent and thorough testing with realistic and widespread threats had deep reinforcement learning being effective at stopping cyber threats and rendering them inept up to 95% of the time. The performance of deep reinforcement learning algorithms is definitely promising.

It is emerging as a powerful decision-support tool for cybersecurity experts and one that has the ability to learn, adapt to quickly changing circumstances, and make decisions autonomously. In comparison to other forms of AI that will detect intrusions or filter spam messages, deep reinforcement learning expands defenders’ abilities to orchestrate sequential decision-making plans so that defensive moves against cyberattacks are undertaken more ‘on the fly’ and in more immediate response to threats that are changing as they happen.

This technology has been built with the understanding that an effective AI agent for cybersecurity needs to sense, perceive, act and adapt, based on the information it can gather and on the results of decisions that it enacts. Deep reinforcement learning has been crafted with that need taken very much into account, combining reinforcement learning and deep learning so that it is entirely agile and adept in situations where a series of decisions in a complex environment need to be made.

Incorporating Positive Reinforcement

Another noteworthy functionality of DRL is how good decisions leading to desirable results are reinforced with a positive reward that is encompassed as a numeric value, and then at the same time bad choices leading to undesirable outcomes come with a negative cost. This part of DRL has strong fundamental A.I. underpinnings as it is similar to how people learn tasks. Children at a young age learn that if they do something well that leads to a favorable outcome as seen that way by people expecting it of them, they know they will benefit from that in some way.

The same thing of sorts occurs with DRL here in deciphering cybersecurity threats and then disabling them. The agent can choose from a set of actions. With each action comes feedback, good or bad, that becomes part of its memory. There’s an interplay between exploring new opportunities and exploiting past experiences, and working through it all builds memory as to what works well and what doesn’t.
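The reward-and-memory loop described above, as an added example that is not from the original post or the cited trials: tabular Q-learning, the table-based method that DQN scales up by replacing the table with a neural network, run on a constructed three-stage attack. The action names, the stage-to-action mapping and the reward values are assumptions chosen for illustration.

```python
import random

# Constructed toy environment (assumption, not the trial setup): an attack moves
# through stages 0 -> 1 -> 2; letting it get past stage 2 counts as a breach.
ACTIONS = ["monitor", "block_ip", "isolate_host"]      # hypothetical defender actions
STOPS_ATTACK = {0: "block_ip", 1: "isolate_host", 2: "isolate_host"}  # assumed mapping
N_STAGES = 3


def step(stage, action):
    """Return (reward, next_stage); next_stage is None when the episode ends."""
    if ACTIONS[action] == STOPS_ATTACK[stage]:
        return 10.0, None             # good decision: positive reward
    if stage == N_STAGES - 1:
        return -10.0, None            # attack completed: large negative cost
    return -1.0, stage + 1            # wasted move: small cost, attack advances


def train(episodes=3000, alpha=0.5, gamma=0.9, epsilon=0.2, seed=7):
    rng = random.Random(seed)
    # Q-table: the agent's "memory" of how well each action worked at each stage.
    q = [[0.0] * len(ACTIONS) for _ in range(N_STAGES)]
    for _ in range(episodes):
        stage = rng.randrange(N_STAGES)    # the attack is first noticed at any stage
        while stage is not None:
            if rng.random() < epsilon:     # explore: try a random action
                action = rng.randrange(len(ACTIONS))
            else:                          # exploit: use the best action seen so far
                action = max(range(len(ACTIONS)), key=lambda a: q[stage][a])
            reward, nxt = step(stage, action)
            future = 0.0 if nxt is None else max(q[nxt])
            # Move the stored estimate toward reward plus discounted future value.
            q[stage][action] += alpha * (reward + gamma * future - q[stage][action])
            stage = nxt
    return q


def greedy_policy(q):
    """Best-known action per stage once exploration is switched off."""
    return {s: ACTIONS[max(range(len(ACTIONS)), key=lambda a: q[s][a])]
            for s in range(N_STAGES)}


if __name__ == "__main__":
    print(greedy_policy(train()))
```

Setting `epsilon` to 0 shows why exploration matters: the agent then only ever repeats whichever action first looked best and may never try the one that stops the attack.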

4 Primary Algorithms

Recent advances with DRL that have taken it to the next level and put it on the radar for the cybersecurity world as a promising new A.I.-based technology have been based on four deep reinforcement learning algorithms – DQN (Deep Q-Network) and three variations of what’s known as the actor-critic approach. Here is an overview of what was seen in the trials:

  • Least sophisticated attacks: DQN stopped 79% of attacks midway through attack stages and 93% by the final stage
  • Moderately sophisticated attacks: DQN stopped 82% of attacks midway and 95% by the final stage
  • Most sophisticated attacks: DQN stopped 57% of attacks midway and 84% by the final stage. This was notable as it was far higher than the other 3 algorithms

While DRL for cybersecurity looks promising and may someday be a well-known acronym in the world of web technology and online business, the reality is that for now at least it will need to be working in conjunction with humans. A.I. can be good at defending against a specific strategy but isn’t as adept with understanding all the approaches an adversary might take and it is not ready to completely usurp human A.I. cybersecurity analysts yet.

Average World Broadband Monthly Usage Nears 600GB


Clipping can have all sorts of different meanings for different people, but the only time it has a positive context is if you’re talking about scrapbooking or something similar. When the maximum speed limits for broadband internet connectivity are reached you are going to experience something called broadband speed clipping. This happens very often with video streaming, conferencing, gaming and other bandwidth-hungry pursuits.

To put in perspective how much of a problem this is becoming, a little more than a year ago there was a report that the number of U.S. broadband users who regularly push the upper limits of their provisioned internet speed around 9 p.m. increased 400% from just one year earlier. Makes sense when you consider how many people are streaming content at that time of night in a country of 350+ million people, and the only reason that doesn’t happen in Canada to the same extent is that we have only 10% of that population.

All of this leads to the inevitable reality that the entire world is stretching broadband networks to their limit like never before, and for us here at 4GoodHosting this is something that any reputable Canadian web hosting provider will take some interest in, given the nature of what we do and how connectivity speed and the simple availability of sufficient bandwidth is quite front and center for a lot of the businesses and other ventures for whom we provide reliable web hosting.

Hybrid Infrastructure Strain

Where we are now is that the percentage of subscribers pushing against the upper limits of their broadband networks’ speed tiers has increased dramatically over the past few years, putting massive strain on hybrid infrastructures, and data consumption within those infrastructures has rocketed right alongside it.

All of this was measured with a suite of broadband management tools, and used to pinpoint usage patterns, especially the differences between two key categories. These are subscribers on flat-rate billing (FRB) plans that offer unlimited data usage, in comparison to those on usage-based billing (UBB) plans where subscribers are billed based on their bandwidth consumption.

The results for the first 10 months of 2022 showed that average broadband consumption approached a new high of nearly 600GB per month by that point and the percentage of subscribers on gigabit speed tiers had gone up 2x over the course of the previous 12 months. Average per-subscriber consumption was 586.7GB at the end of 2022, and that’s a nearly 10% increase from 2021. The percentage of subscribers provisioned for gigabit speeds rose to 26% over that same time frame.

That’s more than double the fourth quarter 2021 figure of 12.2%. Nearly 35% of surveyed subscribers were receiving gigabit network speeds, its own increase of 13% from a year ago and 2.5 times the percentage of FRB gigabit subscribers. Year-over-year upstream and downstream bandwidth growth remained relatively even for Q4 2022 – 9.4% and 10.1% respectively.

Monthly 1TB+ Usage More Common

The 586.7GB average data usage number for that Q4 was up 9.4% from its Q4 2021 equivalent of 536.3GB. This shows the year-on-year pace had slowed since its peak of 40.3% growth to 482.6GB in Q4 2020. Along with this, the number of power users consuming 1TB or more per month was 18.7% for Q4 2022, and that equates to a year-over-year increase of 16% and 10 times the percentage seen just five years ago.

This is a very indicative reflection of the tremendous extent to which more people are going really heavy on bandwidth with streaming and the like these days. ‘Superpower’ users are being defined as anyone who consumes 2 terabytes or more a month, and the number of these super users increased by 25% in Q4 2022, a significant jump from 2.7% to 3.4%, working out to a 30x increase over the previous 5 years.

Another relevant consideration is the way that as migration to faster speed tiers continued, the percentage of subscribers in tiers under 200Mbps went down by 43% for that same 4th quarter 2022. Median usage for the cross-sectioned ‘standard’ users was 531.9GB, more than 34% higher than the 396.6GB recorded by all subscribers.

The biggest higher-than-average single day aberration for much higher usage was on Christmas Day. On December 25th there was significantly higher average usage beginning in the mid-morning hours and then continuing into the afternoon. Clearly demand for greater internet speed continues to increase and network planning needs to be done around this ever-present reality. Here in Canada there is an ongoing progression towards more rural communities having high-speed internet and this will need to be a consideration for network providers as well.

Risk of Exploitation for Widely-Used WordPress Plugins


WordPress is a big deal around here at 4GoodHosting, and like other Canadian web hosting providers we’ve recently debuted our Managed Canadian WordPress hosting here. It’s optimized for WordPress sites, and the reason it’s been worth the time and effort to put it together is that WordPress powers more sites than any other source around the world. It’s certainly come a long way from its humble beginnings as a means of putting your blog on the web.

But its popularity is also based on the thousands of plugins that users have to choose from to customize their pages. That popularity is the reason that these plugins have become the target for SQL injection attacks recently, and with many of our web hosting in Canada customers having WP sites it makes sense for us to use this week’s blog entry to discuss this and make anyone who needs the info aware of the risk.

This is because a little less than 2 months ago (December 19, 2022) a critical security alert was issued for users with multiple WordPress plugins. Apparently their inability to properly verify request parameters was increasing the risk for SQL injection attacks.

The assumption was that the threat factor was magnified even more by the fact that many people have so many plugins utilized within their website that they may not even be able to identify whether or not they’re at risk. These types of attacks can give an attacker the ability to access sensitive information, prompt the deletion or modification of data, or even take control of the entire website.

Input Validation Issue

The biggest of these discovered vulnerabilities in a plugin specifically relates to the lack of proper input validation in the ‘code’ parameter in the /pmpro/v1/order REST route. What results is an unauthenticated SQL injection vulnerability, able to occur because the parameter was not properly escaped before being used in a SQL statement.

The next serious vulnerability was found in a plugin that relates to the lack of proper input validation in the ‘s’ parameter in the ‘edd_download_search’ action. This specifically is said to stem from the ‘edd_ajax_download_search()’ function located in the ‘./includes/ajax-functions.php’ file.

The third of these significant vulnerabilities was discovered in a plugin, which relates to the lack of proper input validation in the ‘surveys_ids’ parameter in the ‘ays_surveys_export_json’ action. Explaining how this works exactly, it means an attacker needs to be authenticated but administrator privileges are not required. An example of this can be seen when it is used by an account with a ‘subscriber’ privilege level.

Explicit Control

From there the values are inserted into SQL queries without modification or with minimal modification, making them vulnerable to classic SQL injection attacks. As mentioned, the attacker may then have the ability to access sensitive information, delete or modify data, or even take control of the entire website.
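The flawed pattern and its fix, as an added example that is not the plugins' own code (the plugins are PHP; this uses Python's sqlite3 as a stand-in so it runs offline). The table layout, sample rows and function names are constructed; only the parameter roles, a single ‘code’ value and a list of survey ids, follow the descriptions above.

```python
import re
import sqlite3


def make_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (code TEXT, email TEXT)")
    conn.executemany("INSERT INTO orders VALUES (?, ?)",
                     [("A100", "alice@example.test"), ("B200", "bob@example.test")])
    conn.execute("CREATE TABLE surveys (id INTEGER, title TEXT)")
    conn.executemany("INSERT INTO surveys VALUES (?, ?)",
                     [(1, "Onboarding"), (2, "Checkout"), (3, "Internal")])
    return conn


def find_order_unsafe(conn, code):
    # Flawed pattern: the request parameter is pasted into the SQL text, so a
    # quote character inside it changes the structure of the statement.
    sql = "SELECT code, email FROM orders WHERE code = '" + code + "'"
    return conn.execute(sql).fetchall()


def find_order_safe(conn, code):
    # Bound parameter: the value travels separately from the SQL text and is
    # only ever treated as data.
    return conn.execute(
        "SELECT code, email FROM orders WHERE code = ?", (code,)).fetchall()


def export_surveys_safe(conn, ids_param, max_ids=50):
    # A list parameter cannot be bound as one value: validate every item as a
    # plain integer, then emit one placeholder per item.
    parts = [p.strip() for p in ids_param.split(",")]
    if len(parts) > max_ids or not all(re.fullmatch(r"[0-9]{1,9}", p) for p in parts):
        raise ValueError("ids must be a comma-separated list of integers")
    ids = [int(p) for p in parts]
    marks = ",".join("?" * len(ids))
    sql = f"SELECT id, title FROM surveys WHERE id IN ({marks}) ORDER BY id"
    return conn.execute(sql, ids).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted = "nope' OR '1'='1"   # constructed input containing quote characters
    print("unsafe:", find_order_unsafe(db, crafted))
    print("safe:  ", find_order_safe(db, crafted))
    print("export:", export_surveys_safe(db, "1, 3"))
```

In a WordPress plugin the counterpart of the bound parameter is `$wpdb->prepare()` with `%s` or `%d` placeholders.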

These vulnerabilities were found in widely-used plugins, and it is likely that a significant number of websites are at risk. Any user who is using these plugins is strongly advised to update their software immediately as a means of protecting their websites from potential exploitation. WordPress is aware of the issue and the team behind these plugins is working quickly to address the vulnerabilities and release updates.

Addressing the Issue

At the time of this release, the three vulnerabilities have been assigned CVE identifiers, but they are still pending approval. This means that they are currently being evaluated by the relevant authorities to determine their severity and potential impact. 3 WAF rules have been issued for user reference in response to these security vulnerabilities:

CVE-2023-23488 -> 406016

CVE-2023-23489 -> 406017

CVE-2023-23490 -> 406018

There will be a need to continuously monitor the results and any false positive rates.

 

 
