Here at Williams Innovation, we take security very seriously. After all, we are a company that manages other companies’ security for them. We partner with some of the top security providers to ensure that we are staying on top of the latest threats.
That being said, if you visited our website a few days ago you might have been plagued with odd videos, pop-ups, and links leading to other non-reputable websites. For this, we profusely apologize. We were hit with a very smart type of Hijack using a hole in the WordPress CMS software. The hijack was smart in the way it presented either the hijacked website or a copy of the clean website based on the location the traffic was coming from. If someone was viewing the website from any location that had logged into the admin section, they would be presented with the clean version of the website. However, for users outside of the company who would never have logged into the admin section, they were presented with the hijacked version of the website.
Thank you to a referring partner of ours for giving us the heads up. The hijack has been taken care of and the hole in WordPress patched. We also took more severe security measures to ensure this does not happen again.
We are a small company based in Round Rock and never thought that we would be the target of a Hijack (security by obscurity). That just goes to show that even small companies in a small town can be a victim of hacking and hijacking attempts. We are thankful that the hijack was of the annoying variety and not the information stealing variety, but we know that it could have been much worse. We urge everyone to double check their security posture not only on external facing websites but in all aspects of the business.
In honor of our recent cleanup and security posturing efforts, we are offering a free security posture check for your business. This checkup will cover email security, external facing application security, and other often overlooked areas where attackers may cause havoc.