Canadian websites are actively under threat from viruses and malware. The 2018 CIRA Canadian Internet Security Survey found that 10 percent of small businesses have had their websites brought down by an attack within the past two years. And it’s not just Canadian companies that are suffering. A recent cyberattack campaign used Canadian companies as unwitting malware relays for a worldwide hacking effort. But there is hope. Learn how online virus scans and other security tools can minimize your risk.
If you think your website might already be infected, Express Website Security is the answer. It can start cleanup in as little as 30 minutes.
Now let’s dig into the basics of viruses and malware, how to spot it online and what steps you can take to keep your website clean.
Malware and viruses: The basics
First, it’s worth breaking down the tech terminology. “Malware” is a faster way to say “malicious software” and refers to unwanted code on your website, PC or mobile device. This could be adware, spyware, ransomware, bloatware, rootkits, Trojans — you name it.
Malware is any piece of software that’s installed without your permission and does something you don’t want.
“Virus,” meanwhile, is a kind of throwback term. Rampant in the 1980s and 1990s, computer viruses acted much like their biological namesake by first “infecting” files and then spreading across corporate networks. Antivirus solutions and virus checkers emerged to fight these digital diseases and the name stuck. Although true computer viruses are now rare, most defensive tools still use the word antivirus.
Bottom line? While there’s a technical difference between malware and viruses, they’re often used interchangeably. And realistically, if your website has been compromised you’re not worried about terminology — you need a fix.
The first signs of trouble
As noted by security firm AV-TEST, more than 250,000 new malware programs are found every day. While malware makers are always looking for new ways to obscure their code and fool detection tools, infected websites typically display telltale signs, including:
Website suddenly acting sluggish? Pages loading more slowly than normal? Could be your ISP or a network issue … or it could be malware siphoning off computer resources behind the scenes. If network and bandwidth check out, you could have malware.
Strange site behavior
If users start reporting odd site behavior, it’s worth taking a look. Malware that targets websites often tries to redirect outbound links — customers or staff click on what appears to be a legitimate link that instead sends them to a compromised website, putting their data or login credentials at risk.
Malware often restricts administrative access, since admin tools can be used to spot and eliminate malicious code. If you’re suddenly having trouble accessing your site’s admin dashboard or executing specific high-level functions, you might have a problem.
No traffic heading to your website? That’s a problem. Too much traffic? Also a problem. As noted above, Canadian companies have been used as relay points for a global malware network; one telltale sign of a malware-compromised site is excessive inbound or outbound traffic.
Risks and consequences
What happens if your site is infected with malware? What’s the potential consequence?
Consider Canadian corporate mainstay Tim Hortons. According to Security Affairs, the company was hit by a malware attack in February 2018 that took connected cash registers and point-of-sale systems offline, forcing some locations to close.
Given the sheer number of double-doubles, Timbits and breakfast sandwiches consumed by Canadians day-to-day, even minimal downtime means big losses.
That’s the first potential consequence: Lost revenue because your website simply won’t work. Compromised data is also a problem. If websites are infected with ransomware, attackers can hold critical information for ransom by encrypting files. Companies must either pay up or risk having their data destroyed.
Malicious code might also mine for employee or consumer data such as financial or tax information and then sell this information on the darknet. The consequences of this include the costs of any remediation, legal fees and loss of customer trust.
Malware infections can seriously damage brand reputation if consumers believe their information isn’t safe. As reported in Canadian Security Magazine, a recent Harris Poll found that 75 percent of customers won’t buy from companies if they feel their data isn’t well-protected.
Finding a fix
Thankfully, it’s not all doom-and-gloom. The Canadian Communications Security Establishment (CSE) recently released an open-source malware detection and analysis tool to help businesses screen incoming email for malware, thereby better protecting themselves against attack.
When it comes to your website, consider an online virus scanner like GoDaddy’s Website Security.
Those who suspect their websites might already be infected should opt for the Express plan. Simply enter the name of your website, request a cleanup, identify the potential malware problems you’ve encountered and then provide your FTP or sFTP credentials so the team can get to work. GoDaddy will analyze all your files, implement necessary changes and deliver a clean, malware-free website.
If one pass doesn’t get everything, GoDaddy will come back and do it again — for free — until your site is safe.
How to play it safe
The first step is to pay attention to the signs outlined earlier. If your website suddenly has a significant spike in inbound or outbound traffic, be suspicious. If visitors begin complaining or you find you can’t access your administrative dashboard, it’s time to bring in the pros.
Here are a few other things you can do to future-proof your website against malware fallout:
Install a malware scanner
This software scans your website daily and alerts you at the first sign of trouble. GoDaddy’s Website Security is an automated virus scanner; once set up, it conducts scans with no input from you. Any malware Website Security finds is automatically deleted.
Get fired up
Use a Web Application Firewall (WAF) to proactively detect and block incoming malware threats before they reach your website (WAF is included with the Express and Deluxe plans of GoDaddy Website Security). WAF only takes a few minutes to set up and protects your website in between scans.
Train your staff
Employees might unwittingly expose your website to malware. Teach them to recognize the signs of email phishing attacks (think bad grammar, poor spelling or “URGRENT URGENT DO THIS NOW” emails) and implement security policies that include regular password changes for admin-level users.
Online virus scans: The wrap up
There’s no denying Canadian websites — regardless of size — are at risk of malware compromise. The keys to protecting your online presence are to know the signs and act quickly to remedy a compromised site. Find yourself a target? Use an online virus scan to identify and remove malicious code, then implement ongoing strategies such as WAF and internal security procedures to keep your site clean.