Research reveals that 68% of small- to medium-sized businesses have no policy to ensure cybersecurity, perhaps due to a belief that they don’t have anything worth stealing. However, the truth is that businesses of all sizes hold valuable data in their hands, and cybercriminals work to create new sophisticated attack methods to acquire this information.
An unfortunate reality for SMBs is that 43% of all cyberattacks target small businesses. Because many small business owners are often busy and strapped for time, cybersecurity might not be a top priority. In order to protect your business, customers, and data, it’s essential you’re aware of the ever-evolving methods cybercriminals use to target SMBs and their customers.
To help you get started, we break down the most common attacks into a simple cybersecurity guide for your business. We’ll examine the techniques cybercriminals deploy to target businesses and their customers. Additionally, we’ll outline some of the most common cybersecurity threats and offer steps you can take today to protect your website from cyberattacks in the future.
The Changing Cyberthreat Landscape
In our 2019 report covering website security, we analyzed the current online threat landscape to discern how it might change in the future. Over time, we predict a decrease in “noisy” attacks such as SEO spam and redirects: As malware scanners and website developers advance their techniques, these types of attacks are easier to detect and remove. Likewise, as user awareness grows, cybercriminals are also moving away from noisy attacks. However, SMB websites won’t face less risk — they’ll actually face different types of threats as cybercriminals adapt their methods.
The reality small businesses must face is that bad actors aren’t slowing down. Instead, they’re adapting and implementing new tools and stealthier techniques to achieve their objectives. Stealthy attacks are far less noticeable than noisy attacks; they’re unlikely to be noticed or remedied quickly, making them far more dangerous to website owners. For example, an attack on a website’s database to exploit sensitive data is considered stealthy — it’s unlikely that website owners will easily discover or quickly correct it, and this often leads to greater profits for cybercriminals. This makes stealthy attacks incredibly popular in the cybercrime community. Although these attacks take longer to execute, the fact that they’re more likely to go unnoticed for longer makes them a significant threat to businesses.
Cybercriminals won’t become complacent, and that means you shouldn’t, either. Read through this small business cybersecurity guide to learn how you can defend your business against the most common cybersecurity threats.
Noisy Cybersecurity Risks for SMBs
Although we’ll see a decrease in noisy attacks in the future, they’re not likely to go away. It’s important for SMBs to be knowledgeable about noisy attacks because cybercriminals still use them frequently. The good news is that noisy attacks are typically much easier to spot. Here are a few to look out for:
- Website defacement. This type of attack is easy to identify because it often involves attackers replacing images or text on your site with their own content. Cybercriminals often use this as a platform to spout a controversial political or religious message, and they might also include a shocking image to draw attention to the cybercriminal’s organization. The primary motivation behind website defacement attacks is to generate publicity, so consider defacement as a means for cybercriminals to boast their attack skills. Cybercriminals that conduct these attacks want visitors to know they were there. Depending on the content, a website defacement attack could affect your business’s reputation and turn users away from your site.
- SEO spam. If you experience a sudden plummet in your search rankings, it’s possible your site fell victim to SEO spam. This is a type of attack in which cybercriminals flood your site with hundreds of thousands of files containing irrelevant keywords and malicious backlinks. Websites hosting malicious links are often blacklisted by search engines, which prevents users from accessing your web content. If you have a blog on your site, pay special attention to the comment section; attackers often use it to flood a site with nefarious or irrelevant links, which damages your reputation and your site’s domain authority.
- URL redirects. Users typically view the domain name included in a site’s URL as evidence of a website’s legitimacy. In essence, a domain name evokes trust in users. Cybercriminals exploit that trust when deploying URL redirect attacks, a type of malware that redirects users from a legitimate site they thought they were visiting and points them toward an illegitimate one instead. If your site experiences a URL redirect — which accounts for 17% of all malware infections — you might see a brief decrease in traffic as your visitors land on another site. Along with the temporary dip in traffic, a URL redirect can also cause long-lasting damage for small businesses, including lost customers and revenue.
- Distributed denial of service. Cybercriminals conducting DDoS attacks deploy a network of hacked machines called a “botnet” to flood servers with traffic they can’t handle. If your website receives a massive number of fake requests, it might crash the server. Even when a DDoS attack doesn’t take a site completely offline, it usually slows it enough to make it unusable. This frustrates customers and can lead to significant revenue losses. On the other hand, modern cybercriminals can orchestrate this type of attack for around $25 per hour. Perhaps this low cost is why DDoS accounted for 35% of all cyberattacks in 2017 and continues to be a favorite tactic among cybercriminals.
Stealthy Cybersecurity Risks for SMBs
An increase in stealthy cybercrime means SMB website owners must educate themselves and take proactive measures to guard against these types of attacks. Once they happen, you might be unaware that your website has fallen victim to an attack until significant damage is already done. To help protect your site, here are some of the most common stealthy cybersecurity threats to be aware of:
- Phishing. With phishing attacks, the cybercriminal’s goal is to trick the victim into sharing data or sending money through a phishing email. Sometimes, phishing emails will include an attachment that, when clicked, will give cybercriminals access to the targeted network. A phishing email’s intention is to carry out a ransomware attack or compromise your network, which leaves your business susceptible to further damage and costs. Unfortunately, phishing attacks are becoming harder to detect: According to a recent study of more than 55 million emails, around 30% of phishing emails sent to organizations using Microsoft’s Office 365 made it through spam filters and into recipients’ inboxes.
- Ransomware. Ransomware is a type of malware that holds a computer or network’s information hostage until a ransom is paid, generally in bitcoin or another type of cryptocurrency. If your machine is vulnerable and you click on a malicious email link or visit an infected website, ransomware can begin to encrypt critical documents, PDFs, spreadsheets, and other files on your local machine. Once these critical files are encrypted, you’ll get an alert notifying you that decryption will occur once you pay a ransom. There’s no guarantee you’ll regain access to the encrypted files after paying the ransom, and it’s best that you work with local law enforcement to discuss the next steps.
- Backdoors. Backdoors are entry points that allow cybercriminals to maintain persistent unauthorized access to your website. Once cybercriminals install a backdoor file and have access to your website, they can expose sensitive data, change your site’s appearance, and more. Cybercriminals are becoming increasingly sophisticated in disguising backdoor files, so you might not even notice one on your site.
- SQL injections. SQL injections also take advantage of unsanitary user input forms on your site. In this type of attack, cybercriminals will inject modified SQL queries into a form (such as a contact form), which allows them to breach your back-end database and steal or destroy data. Although SQL injection is considered a stealthy threat, this type of attack will often be accompanied by several noticeable signs, including modified posts or comments, changed database passwords, new unauthorized administrators, and connectivity issues with your content management system.
- Malvertising. Cybercriminals might use one of several different techniques to execute a malvertising attack. Sometimes, they’ll hide malicious code in a legitimate advertisement using iframes or HTML elements that display ads on webpages. Other times, they’ll create a malicious ad — with some more disguised than others — and will use advertising networks to deliver the malware as if it were a real ad. Users are infected in two ways: First, they click a malicious ad. Then, they might see a pop-up prompting them to download software to “fix” the problem — but the download is actually malicious. Second, they become unknowingly infected with malware through what’s called a “drive-by download,” in which malicious software is automatically downloaded from infected websites.
How to Protect Your SMB’s Website from the Most Common Cybersecurity Threats
New attacks emerge constantly, and the overview above should help protect you from the most common cybersecurity threats. If you follow basic cybersecurity best practices and address everything in this small business cybersecurity guide, you’ll significantly reduce cybersecurity risk for your SMB. Start with these four tips:
1. Install security patches and updates regularly. Many SMBs rely on CMS applications such as WordPress and other plugins to create and maintain their websites. If you host your website on a CMS, be sure to install security patches as soon as developers release them, and update your software when new versions launch. A more complex website means a larger attack surface for cybercriminals, so only choose plugins that you absolutely need to deliver a great site experience for your visitors. Out-of-date CMS components often contain unpatched security vulnerabilities, so update them often and remove any that haven’t been used or updated within the last three months.
2. Sanitize input fields. It’s crucial to be diligent about guarding the input fields on your website; these are critical entry points for cybercriminals. You can sanitize these fields by restricting input characters. For example, if you ask visitors to type in their phone numbers, the input field should only allow numbers, dashes, and parentheses. By only allowing these predetermined characters, small businesses can help prevent cybercriminals from deploying modified queries within their database.
3. Install an automated scanner. To help secure your website, installing an automated website scanner offers comprehensive protection for your site files by detecting (and automatically removing) malware that could cause severe or permanent damage. Ultimately, the scanner should also have the capability to patch outdated security vulnerabilities found in CMS core files, ecommerce platforms, and popular plugins. These types of scanners reduce time by quickly identifying and removing threats so you can focus on your other business objectives.
4. Implement a web application firewall. To stop malicious bots and cybercriminals from ever accessing your website in the first place, install a WAF to be your website’s gatekeeper. This filters your traffic to keep bad players out while still allowing good traffic. As cyberattacks become more advanced, it’s important to ensure that your WAF provider protects against both the latest and most common cybersecurity threats.
A cyberattack can be devastating to an SMB owner, and cybercriminals are increasingly targeting businesses with limited budgets and time. Fortunately, you can take relatively simple steps and implement a comprehensive security solution to protect your website — and your customers — from the most common cybersecurity threats. This will save you time and money in the long run.
Monique Becenti is a product and channel marketing specialist at SiteLock, a cloud-based website security provider currently protecting more than 16 million websites globally. Monique is passionate about improving the customer experience for all. SiteLock’s combination of dedicated research and developmental efforts, aggressive product road maps, and access to a massive global data set make the company a leading innovator in web security.