Bath Web firm finds early success with anti-hacking app
BATH — Sam Hotchkiss and his team of programmers battle robots for a living, but they're not the kind you see in sci-fi dramas.
The robots – bots, for short – are the kind that manifest from computer viruses.
After a virus gains control of a computer, a master server then orders the infected machines to hack into websites by exhaustively guessing their passwords, breaking in, and then inserting viruses or links into them.
To fight against these so-called "brute-force attacks," Hotchkiss and crew have developed BruteProtect, an application that has been installed on nearly 50,000 websites and has prevented more than 50 million attacks since launching last year.
"We see a concentrated attack approximately every four to six weeks," Hotchkiss said on a recent Friday morning. "Across all of our sites on an average day, we'll see about 250,000 malicious connection attempts."
BruteProtect works by building a central database of computers that make multiple failed log-in attempts on websites that use the app. If the computers appear suspicious, they are blocked from future log-in attempts.
The app, which works as a free, open-source plug-in for the popular WordPress publishing platform, comes at a time when brute-force attacks and other kinds of "botnet attacks" have been on the rise, threatening the security of websites and their visitors. One brute-force attack from 2013 alone had a botnet of more than 90,000 infected computers.
While the core product is free and its open-source status means anyone can view, modify, and redistribute its code, Hotchkiss said he expects to make money on a premium version planned for an April release.
WordPress itself is an open-source product, but its parent company is able to monetize the platform with premium features and services that are used by many high-profile companies, including CNN, Time Inc., Dow Jones and UPS.
Hotckkiss and his team work on BruteForce under the company name Parka LLC, at their downtown office on Front Street. He said he formed the company to separate their efforts from Hotchkiss Consulting Group, a web design firm.
Thanks to recent seed funding from a private investor in San Diego, Hotchkiss said his team was able to hire more employees and shift more of his team's focus to BruteProtect and future products.
"The goal of Parka is to develop ways independent websites can work together to be more powerful than they would be individually," Hotchkiss said. "Imagine the implications if 10,000 independent bookstores were able to work together to have the same level of tech Amazon has by networking all of these independent nodes."
Despite being far away from technology hubs in Boston, New York and San Francisco, Hotchkiss said his company's location in Maine is not a detriment. In fact, he said, the state's high quality of life and low cost of living made it the top choice when he and his wife, Becky, were deciding where to move a few years ago.
"We have a great house on property for the same price that we may have been able to buy a studio apartment in the city," he said, "and I get 110 megabit Internet at my house. What else do I need?"