Malware 101: Introduction to Exploits

May 2, 2016 in Malware

Over the past couple of years, it has become apparent that, just as home and office computers need anti-virus software and a firewall to stay protected, individual websites have become a prime target for hackers and require some form of protection too. As compromising websites becomes a more lucrative racket for hackers worldwide, it’s more important than ever to understand what malware, or malicious software, is and how it has increasingly become a problem for websites of all sizes. Before we talk about how a website can be protected from malware, let’s first cover some common purposes of malware, how it generally works and what it means for a website after it’s infected.

Botnets, SPAM and You

It may come as a surprise to learn that a hacker who infects a site with malware is often not really targeting that site at all. Instead, a common goal of hackers is to commandeer the resources available to the site and use them for their own purposes. If you’ve ever wondered how your spam folder gets filled up time and time again, wonder no more! While plenty of it comes from servers in less regulated countries, a large portion of it comes from compromised websites. Every day, hackers find new methods to infect websites with code designed to force the site and its server to send out large volumes of that unwanted email. The work often comes full circle, as some of those same compromised sites will be infected with additional code intended to hack other sites in an automated fashion. The result is a large network of sites, computers and servers all working autonomously, yet together, to continue hacking and sending spam. This collection of resources is what’s referred to as a botnet – a robotic network.

Targeted Attacks and Exploits

Another common purpose of a botnet is to send an overwhelming volume of very small requests to a server with the intent of overloading and disabling it. This is what we call a DDoS, or distributed denial of service, attack. Because the requests are distributed across such a wide array of sources, and the volume of requests is generally very large, it becomes very difficult to trace and block the attack, and the targeted server is often effectively rendered out of service. Unlike a spam botnet, this type of malware is generally targeted at something specific. Not only will it disable the target, but many of the unaware sources often see adverse effects as well. Check out our three-part deep-dive into the world of DDoS attacks for more.

Of course, there is also the most feared of all hackers: someone looking to steal sensitive data from a website. Whether it is credit card info, medical records or even just names and addresses, commerce in the 21st century all but demands we allow online businesses to harbor large collections of personal, sensitive information about us. It is up to the website proprietors to ensure that data stays safe. While many of the methods of intrusion are particular to the site and information at hand, there are common methods employed, such as brute force attacks, cross-site scripting (XSS) and SQL injection, all of which can be thwarted before they happen.

To learn more about different types of malware and how they work, and to learn what tools may be the right fit to protect your site from the OWASP Top 10 Security Threats, contact SiteLock today and begin a free consultation with our website security experts.
