A backdoor attack is a type of malware that gives cybercriminals unauthorized access to a website. Cybercriminals install the malware through unsecured points of entry, such as outdated plug-ins or input fields. Once they enter through the back door, they have access to all your company’s data, including customers’ personal identifiable information (PII).
As the name suggests, a backdoor attack is stealthy, and cybercriminals often slip in undetected.
Small and midsize businesses are particularly vulnerable to backdoor attacks because they tend to have fewer resources to close off entry points or identify successful attacks. Cybercriminals know that SMBs often lack the budget or security experts to prevent and mitigate attacks. That’s likely why 43% of cyberattacks are aimed at small businesses.
The Consequences of Backdoor Attacks for Small Businesses
Because small businesses are at a high risk of security breaches, they need to be hyperaware of threats. Taking proactive measures to secure your website and prevent backdoor attacks is critical if you want to avoid the financial fallout of a successful attack. The average cost of a data breach can exceed $100,000 for SMBs, and that doesn’t include the high price tag associated with repairing a business’s reputation and rebuilding customer trust. It’s not surprising, then, that the average small business closes only six months after a cyberattack.
As cybercrime increases, your security measures should, too. Backdoor attacks increased by 173% between 2017 and 2018. And in the second quarter of 2018, SiteLock research determined that 43% of all infected websites contained at least one backdoor file.
The problem is only getting worse as backdoor detection becomes more difficult. Cybercriminals are creating new strains of malware that can bypass malware scanners without detection. The longer an attack goes undetected, the more it will damage a business. According to IBM Security and the Ponemon Institute, companies that can stop a breach within 30 days save more than $1 million compared to those that take over 30 days ($3.09 million versus $4.25 million)
As cybercrime advances and backdoor attacks become even more prevalent, it’s vital that small businesses pay close attention to their cybersecurity efforts.
How to Prevent Backdoor Attacks
The best line of defense against backdoor malware for any website owner is a website scanner that can mitigate malware, patch vulnerabilities, and alert the administrator of potential security threats.
Because cybercriminals are creating new malware specifically to bypass scanners, you need to ensure your cybersecurity partner performs adequate research to detect and review new types of malware on a regular basis. Your partner should then update the scanner’s signature database with each new iteration it finds.
In addition to a website scanner, you should install a web application firewall to protect the perimeter of your website by keeping bad actors at bay. A WAF differentiates good traffic (like real customers) from bad traffic (like malicious bots) and prevents the bad traffic from gaining access to your site.
What to Do If You Suspect a Backdoor Attack
If backdoor malware slips past your security measures, it’s best to mitigate the problem as quickly and efficiently as possible to keep costs and reputational damage to a minimum. Take the following steps to close the back door:
- Review the logs in the website scanner to identify any files that are consistently being removed.
- Ask your cybersecurity vendor or IT team to review the site access logs for anything out of the ordinary.
- Audit the CMS and uninstall any unused plug-ins, taking care to remove the files from the file manager.
- Update all the plug-ins and themes on the website or else reinstall all core files to your CMS. You can download a new copy of your CMS by going to the WordPress or Drupal site and downloading all your files.
- Keep an off-site backup of the site that’s confirmed to be free of back doors. If the back door can’t be found after an attack, the only solution may be reverting to a “clean” version of the site.
If your small business hasn’t yet taken measures to prevent a backdoor attack, now is the time to do so. As backdoor detection becomes more difficult and cybercrime increases, small business cybersecurity is more important than ever. Make sure you not only have reliable tools such as a website scanner and WAF to stop cybercriminals in their tracks, but also know what to do if an attack does break through your defenses.
Monique Becenti is a product and channel marketing specialist at SiteLock, a cloud-based website security provider currently protecting more than 12 million websites globally. Monique is passionate about improving the customer experience for all. SiteLock’s combination of dedicated research and developmental efforts, aggressive product road maps, and access to a massive global data set make the company a leading innovator in web security.