We develop sophisticated tools and applications to meet the very specific needs of businesses that want to grow their share of online markets. These include apps to improve internal company processes and tools for customer acquisition and retention.
These are bespoke projects and include work for clients in the Finance, Retail, Leisure, Charity and B2B sectors.
Find our more about bespoke
Our in house experts carry out consultancy, marketing and research, using both our own and industry tools. We work closely with senior client stakeholders to agree objectives and regularly benchmark our work against these.
Projects include web development, ecommerce, social media, SEO and research.We work with a wide range of B2C and B2B brands.
Find our more about consultancy
What the Panama Hacks mean for your website
Read more on our blog
he ‘Panama Papers’ have become the single biggest leak of private information in history. The scale of the leak is 2.6 Terabytes in size (or 2,600 GB) which is a lot of information that we expect to see trickle out for years to come. To put that into context, Wikileaks was 1.7 GB of data.Technology experts looking at how this data was accessed found some fundamental errors that will have made it easy for any barely skilled hacker to gain access.Mossack Fonseca's client portal, where clients could access and share private data, was linked from their website running an old version of Drupal. Like Wordpress, Drupal is a widely used, open-source platform that is regularly updated as vulnerabilities appear. Much like your Windows computer, Drupal continually works to improve the security of its software offering free updates for you to install. Mossack Fonseca was running an older, unpatched version of Drupal with at least 25 known vulnerabilities at the time of the hack. Drupal and Drupal user groups will have publicly stated these vulnerabilities so it wouldn’t take a hacker long to attempt an exploit.Another part of the firm’s site was also running an older version of Wordpress with known vulnerabilities. To extend site functionality, their Wordpress installation was running plugins with their own, known, weaknesses. We won’t even mention their use of an Outlook 2009 server in 2016. We don’t expect the weaknesses to be the only reason someone accessed the data but, like jam at a picnic, they were the reason hackers started paying attention to Mossack Fonseca and were given the key to come in and poke around.The phrases ‘Hacker’ and ‘Cyber Attack’ sound very scary if you have just read them in the press but are in fact a common occurrence on most websites and servers. The essential tools for hacking can be copied from the Internet, and anyone in their back room with little experience can try and ‘hack’ a website. In most cases, ‘hackers’ will attempt to hack thousands of websites at a time, using scripts to automate the process. They won’t actively be targeting your site, nor will they necessarily know which sites they are hitting. What they will see is if any site has a vulnerability or weak spot that could be ready for exploitation. If your site is up to date and protected, they will move on. At DTT, we see these attempts like these on our own websites, every day. Our servers are built to identify and deflect any ‘brute force’ attacks of traffic, constantly checking to ensure that only the right type of visitors are coming to our sites. Wordpress sites, like Mossack Fonseca, have additional weak spots through plugins and themes developed by third parties which can make your site a bigger potential target than others. With any of our Wordpress developments we encourage minimal use of plugins for this security reason and for additional speed reasons (more plugins slows the page load), and wherever possible we use our code to achieve the result. Our Trifle and Mandarin clients are running on bespoke code, written by us, substantially decreasing the potential threat of exploit, and we are always updating our code base to improve this further.For every bespoke project, we actively encourage our clients to invest in a monthly support contract with us. These agreements allow us the time to proactively manage their sites with the aim of ensuring they have the most robust web presence we can provide.In the wake of the Panama hack, we know hundreds of leading law firms were actively targeted for exploits, and we do expect to see more ‘have a go’ attempts on all websites. Wouldn’t you sleep better knowing your site is up to date?