What Hosting Companies Need to Know About Attacks on Websites

January 12, 2021 in Hosting Providers

Cybercrime continues to grow at an alarming rate, and is predicted to cost the world $6 trillion annually by 2021. As a hosting provider, you are not only indirectly responsible for websites targeted by cybercriminals, but your business can also suffer as a result of cyberattacks. If left unchecked, these attacks on websites can drain your internal resources, degrade customer experiences, and ultimately cost you money.

In this post, we will examine website security statistics that impact your hosting business, including those relating to attacks on websites, CMS platform updates, and bot traffic. From there, we’ll examine how you can mitigate these negative experiences and turn them into an opportunity to grow your business.

As the frequency of attacks on websites continues to increase, both your clients and your hosting business are at risk. In fact, an estimated 12.8 million websites are infected with malware right now, based on SiteLock’s analysis of 7 million websites. In addition, the average website experiences 94 attacks each day.

Three trends that are most concerning, as they relate to attacks on websites, for hosting providers are the use of backdoor files, malicious mailer scripts, and the number of sites being blacklisted.

SiteLock’s latest website security statistics also indicated that 65% of these infected sites had at least 1 backdoor file, which grants attackers continued undetected access to website files or databases. This means that even if a hosting provider or website owner removes malware from the infected website, a hacker can infect the site again through the backdoor file.

For the customer, this is a frustrating experience because it appears that their site keeps getting reinfected and the host is not able to resolve the issue. And this situation forces hosting companies to invest more time and resources to field service calls from customers. If you service 1,000 websites, you can expect to spend around 600 hours or about $20K a year on addressing minor security questions. If a larger issue occurs, you’ll likely spend two to three times the money.

A second website security statistic of concern to hosts is 12% of infected websites contain malicious mailer scripts that use client website resources to send out mass amounts of spam email. This increases the chances of your server IP addresses being blacklisted, which can result in your clients’ email being blocked on that server. In addition to triggering a flood of calls from angry customers about their email service, these spam messages also drain your server resources, which can slow client website speeds.

Another website security statistic that impacts hosting providers is the number of websites being blacklisted by search engines. According to SiteLock data, the number of websites blacklisted by search engines is on the decline, which means that your clients can’t rely on search engines to notify them of website infections. That’s because when a client’s website is blacklisted, it won’t show up in search engines. If your customers’ websites are blacklisted, there’s a good chance they will wonder why they’re paying you for hosting when you can’t even ensure their website remains online.

Outdated CMS Platforms and Attacks on Websites

The same CMS platforms that make the development and maintenance of a website

accessible for millions of people also pose a major threat to hosting providers.

Many individuals build and manage their websites with CMS platforms such as WordPress, Joomla! and Drupal because they’re free, easy to use, and highly customizable. However, open source applications require regular core, theme, and plugin updates to remain secure. SiteLock website security statistics revealed that only 68 percent of WordPress sites were running the latest WordPress core version in 2018. This means that one third of all WordPress sites were vulnerable to attack.

While a consistent commitment to website security updates is essential, only 42% of website owners reported updating their applications monthly. This means that hosting providers who don’t monitor client sites to ensure their CMS platforms are up-to-date are more susceptible to frequent attacks on websites, which can damage their reputation.

According to research by StopBadware and Commtouch, 28% of companies whose websites are compromised consider moving to a new provider, which results in a loss of customers and revenue.

Good Bots, Bad Bots, and Website Attacks

Another growing website security issue impacting hosting providers is bot traffic. A bot is an automated program that completes simple, repetitive tasks at super-efficient rates. They fall into two major categories: good bots and bad bots.

Good bots are used by search providers to help with indexing websites, while bad bots are used by cybercriminals to identify websites with security vulnerabilities. They can then exploit these vulnerabilities to launch malware attacks on websites. A SiteLock study of 60,000-plus sites found that each week, more than 141 million visits to these websites were from malicious or suspicious bots. Since bad bots are proliferating rapidly, hosting providers should know how to protect their clients’ sites from them.

The impact bad bots have on you and your clients’ websites are significant, beginning with a drain on resources. Bad bots tax the web server, which can lead to increased bandwidth costs and a performance breakdown on the server.

More than ever, this extra performance matters. If a website loads in five seconds or less, your client’s business will enjoy 70% longer average sessions, and 35% lower bounce rates, according to research by Doubleclick. This means that by protecting your clients websites from bot traffic, you ultimately help ensure their success and satisfaction.

Protect Your Clients by Partnering With SiteLock

As these website security statistics demonstrate, it’s crucial for hosting companies to take action to protect their clients from cyberattacks.

As the host, clients rely on you to keep their website secure. This is both a serious responsibility and a major growth opportunity.

By partnering with SiteLock, you can tap into this area of growth, while improving client retention, reducing overhead, and setting yourself apart from competitors. And you also send a powerful message that you’re committed to protecting the website security of all your clients. Contact us today to learn more about the potential of partnering with SiteLock.

Latest Articles
Follow SiteLock