• Increase font size
  • Default font size
  • Decrease font size
Home News Archive And the hits keep on coming…

And the hits keep on coming…

E-mail Print PDF

These days Apogee blog articles get an average of 25 hits over the initial week of publishing. Hits are tracked at actual clicks on the article, either to look more closely at it or to print it out. So when a couple of new articles suddenly registered more than 2,000 hits in just over 24 hours, it raised some flags.

They like me, they really like me

Had we suddenly become super popular? Were we swept up in a tidal wave of traffic caused by some big kahuna website linking to our website? Had there been a software malfunction?

Or had there been a surge in hacking?

Just the facts ma'am

Our investigation started with Google analytics to see if we had actually gotten a surge in visitors. The Google platform records the visits of anyone who has not turned off Javascript and gone into stealth mode

We can assume that a higher than normal amount of visitors do so in stealth mode, given the nature of our editorial focus, but 1800+? No man I don’t think so.

Catch a wave and you’re sitting on top of the world

It’s not uncommon for a wave of traffic from a big site to crash upon the shores of a small island of the internet like ours. The picture below shows which sites link to our site.

Inbound_links

As you can see, we do get a significant amount of link traffic from wifcon.com. The picture shows 63 links from that site; so this could be our big kahuna, but 63 was not enough to generate the spike in article hits that we saw.

The next step was to look at our total raw traffic.

One report to rule them all

Website server statistics record every request made be it bot or bureaucrat. So if we have a surge of requests this is where we will find them.

Monthly_Traffic_Report

While we can see, in the above picture, some fluctuation in the month to month statistics, no increase in raw hits correlates to a higher than usual blog post request from the database. That wasn’t it, but if it wasn’t a higher frequency than it must lie in the individual requests.

Quick -- to the Apache logs!

Monkey see Monkey hack

Up until now, we have been looking at abstractions of the data. As we take step after step through these meaningful groupings our answer has eluded our grasp. Thus, we must delve past the reports and charts into the transaction logs of our Apache web server.

Apache logs are a record of every action taken to access information on the site. We churned through 250,000+ records and found that some of our fine visitors had been using various hacking tricks like SQL injection to get past the site's defenses. In their failed attempts, they triggered requests for the blog posts and those requests inflated the individual article hit counter.

As it turns out we were not sudden rock-stars. We were just another site being attacked.

Who Are you?

geo_data_final

In the last two years, there have been one or two news events that you may not have noticed. To recap, some email got wikileaked and western democracy was hacked. So who seeks to break in like some looter during a riot? As it turns out everyone from Russia to the great state of Kansas. Those of you that know your geography with notice, in the picture above, that we field attention from Korea, Iran, and France too.

Would you like to play Thermonuclear War?

As we settle into the post-nuclear age -- a time where the next world war will be fought with cyber armies in “non-kinetic” battles (and if you have been paying attention), it's clear that the war has already started. When your work focuses on U.S. Government issues; it seems that hack attempts are simply a cost of doing business.

In conclusion, as Doctor Who might say: Stay calm and encrypt everything!

 

Newsflash

In March 2009, Nick Sanders’ article “Surviving Government Audits: Have the Rules of Engagement Changed?” was published in Government Contract Costs, Pricing & Accounting Reports (4 No. 2 GCCPAR P. 11). Apogee Consulting, Inc. is proud to announce that Mr. Sanders’ article was selected for reprint and publication in Thomson West’s The New Landscape of Government Contracting.  Mr. Sanders, Apogee Consulting’s Principal Consultant, joins such distinguished contributors as Professors Steven Schooner and Christopher Yukins, Luis Victorino and John Chierachella, Joseph West and Karen Manos, Joseph Barsalona and Philip Koos and Richard Meene, and several others.  The text covers a lot of ground, ranging from the American Recovery and Reinvestment Act (ARRA) to Business Ethics and Corporate Compliance, and includes several articles on the False Claim Act and the Foreign Corrupt Practices Act.  In addition, the text includes the full text of many statutory and regulatory matters affecting Government contract compliance.

 

The book may be found here.