As a small business, you’re likely concerned with drawing traffic and visitors to your site – but you may be attracting the wrong kind of attention. Cybercriminals are constantly targeting websites, and yours may be one of them. No matter how small your business is, you’re not too small to be hacked. In fact, 50% of small businesses in the US have been breached. Big or small, the average site is attacked 50 times per day, and improper security measures can increase your risk.
The evolving world of cybercrime can be complicated, and at the end of the day, you just want what’s best for your business. While you don’t need to be a cybersecurity expert to successfully protect your business, it’s beneficial to understand the ways cybercriminals seek to threaten your livelihood. You can start by learning about the three common cybersecurity threats that all small business owners should be prepared for: malware, vulnerabilities, and DDoS attacks.
“Malware” is the term used for all software created for malicious purposes, and it can infect both computers and websites. Website malware attacks can take over a website, steal sensitive customer data, or spread more malware. It’s not hard to imagine that this could have a devastating effect on your business, and the thought may be overwhelming. However, you can familiarize yourself with common types of malware, and implement solutions that can catch infections when they occur.
Common types of malware
Defacements change the appearance of a website to display a message that usually contains the cybercriminal’s “hacker name” or pushes an ideological message. You can think of defacements as the cybercriminal’s version of graffiti. They are easy to spot and fairly common, accounting for 18% of malware files in Q1 2018.
SEO (search engine optimization) spam takes advantage of the way keywords can be used to influence how well a website ranks in search results. By injecting keywords, links, spam comments, or pages containing all three into a website, SEO spam forces the site to rank for an unrelated and irrelevant keyword. This means that the website would no longer rank for keywords that drive traffic to the site, which may result in a significant loss of traffic.
A malicious redirect occurs when visitors land on a site and are sent to another site containing malicious content. This can make specific pages or even an entire website inaccessible.
How malware can harm your business
Search engine blacklisting
You might already be aware that search engines look for malware when they crawl websites. Blacklisting occurs when search engines find malware and place a warning on the infected website that prevents visitors from entering. This not only affects your traffic, but your credibility as well, as customers may no longer trust your website after they see the warning message.
It’s because of these side effects that search engines err on the side of caution and only flag websites that are definitely infected. However, this means that they only flag 17% of websites infected with malware, so you will still need to use other tools to scan for malware on your site.
Malware-infected websites may be suspended, or taken offline by their hosting provider. This is done to protect the site and their customers by preventing the malware from spreading further. A suspended site will not be accessible to customers, resulting in lost traffic and possible reputation damage.
A decrease in traffic and sales
Defacements may make your site inaccessible to visitors or deter customers with its shocking message, while malicious redirects send your visitors to another website entirely. SEO spam may cause your site to rank for irrelevant keywords, and stop ranking for relevant ones, making it harder for customers to find you in search results. Any of these could contribute to a decrease in traffic, and, as a result, a loss of revenue.
Any signs of malware, from defacements to malicious redirects, can make your website appear suspicious and untrustworthy.
How to prevent website malware
Website scanning is not only the easiest way to protect your website from these common cybersecurity threats, it’s also the most reliable. For the best results, you’ll want to look for a website scanner that:
- …scans on a daily or continuous basis, so that when an infection is found, you know right away.
- …removes malware automatically. Manual malware removal can be time-consuming and expensive, so a scanner that removes malware automatically can save you a lot of time and money.
- …is backed by an up-to-date threat database. With nearly 1 million new types of malware being created every day, you’ll want your website to be protected from the latest threats.
A website vulnerability is a weak point in a website’s code that allows attackers to exploit or gain control of a website. They are commonly caused by security issues in outdated software or unprotected input forms.
Outdated plugins and CMS (content management system) software can contain vulnerabilities if security issues are left unpatched or unattended. These issues often go unpatched because website owners may not know the risks, or they may be too busy to perform the updates. Unfortunately, it’s an all too common occurrence: 52% of infected WordPress websites were not running the latest version of WordPress at the time of compromise. Additionally, plugins often don’t receive the patches they need – in fact, 44% of plugins in the WordPress repository have not been updated in over a year.
“Unsanitized” or unprotected user input fields, like contact forms, can also be exploited. Cybercriminals can inject malicious code into these forms in order to steal customer info, distribute spam, or take control of the entire website.
Common types of vulnerabilities
SQL Injection (SQLi)
SQLi occurs when malicious SQL statements are “injected” into a user input field, allowing attackers to access the site’s backend database to steal customer information, modify or destroy data, or gain full control of your website. SQLi is so widespread that in Q1 2018, the average vulnerable website contained SQLi vulnerabilities on over one thousand pages. It’s for these reasons that SQLi has been named one of the top 10 cybersecurity risks every year for a decade.
Cross-Site Scripting (XSS)
XSS vulnerabilities differ from SQLi in that they occur when malicious code is injected into a web page itself, not a user input field. Attacks exploiting XSS vulnerabilities can steal data, take control of a user’s session or be used as part of a phishing scam. For example, visitors may be redirected to normal-looking pages that steal their information. A customer could click a link to what looks like your website’s checkout page, not realizing that the link maliciously captured their credit card information. In Q1 2018, sites with an XSS vulnerability had an average of 424 vulnerable pages.
How vulnerabilities can affect your business
A successfully exploited vulnerability can distribute spam content or hijack a user’s session. This can cause your website to appear suspicious, and wary visitors may be hesitant to return.
Loss of traffic and/or revenue
If a vulnerability leads to the compromise of sensitive customer information, such as their credit card details, you’ll likely lose those customers. According to SiteLock data, 65% of customers whose information was stolen while online shopping refuse to return to the website responsible, or simply don’t shop online any more.
How to prevent and protect against vulnerabilities
Keeping up with security patches by updating your plugins and core CMS software is just the beginning. You can also prevent vulnerabilities by:
- Being thoughtful about which plugins you use. Carefully consider whether or not you need a plugin before you install it, and remove plugins that haven’t been used or updated in over a year, as out of date plugins may contain unpatched vulnerabilities
- Securing and sanitizing forms with CAPTCHA. Exploited vulnerabilities are usually the result of malicious bots that crawl websites looking for entry points. CAPTCHA helps to block those bots.
- Installing a vulnerability scanner that provides deep website scans to find and patch vulnerabilities, such as SiteLock INFINITY or SMART PLUS.
A DDoS attack occurs when a website’s server is overloaded by “fake” traffic from a fleet of attacker-controlled computers, often called a botnet. This causes slow website loading times at best, and crashed servers at worst. DDoS attacks on small businesses rarely make headlines, but that doesn’t mean SMBs aren’t in danger. In fact, 33% of all businesses hit with a DDoS attack in 2017 were SMBs.
How DDoS attacks can affect your business
Loss of traffic and revenue
DDoS attacks mean downtime, which can greatly impact your business. Studies show that 47% of consumers expect a website to load in 2 seconds or less, so a slowed or crashed website could send your visitors into the arms of your competitors. Additionally, downtime costs small businesses an average of $427 per minute, which can be devastating to their bottom line.
How to prevent DDoS attacks
Fortunately, preventing DDoS attacks is as easy as installing a web application firewall (WAF). A WAF can block the bad bots that cause DDoS attacks, while allowing good bots and legitimate traffic to visit your site.
Website security is as essential to your business as the lock on your door or the password on your WordPress admin panel. A false sense of security is a fatal flaw that cybercriminals will gladly take advantage of – but they can be thwarted with the proper protections in place.
For more tips on protecting your business from cybersecurity threats, check out the cybersecurity podcast Decoding Security. You can get the comprehensive website security your business needs today. Call 877.563.2791 to see how SiteLock can help you protect your website.