Hospital sites. Online stores. Banking websites. Democratic systems. There’s no longer any safe space on the internet — even the smallest websites are targets for hackers looking to spread global mayhem. Think you might have joined the club? Copy and paste your URL or web address in here to scan your website for malware now.
Doing nothing is not a smart option for any small business with a website. Sixty percent of small businesses close their doors within six months of a successful cyber attack.
Marauders at the gate
Imagine this scenario: you open your laptop one morning and try to log in to your small business website but can’t. Weird. You check the username and password and try again. Still no go.
So you type your web address into your browser and it loads — except there’s a big sign saying you’ve been hacked and locked out of your website. For a small fee (the average is around $13,000), you can get your business website back.
This is what happens when your site has been infected by ransomware.
How’d it get there? It could have been when you clicked on a malicious link in an email you received from an unknown sender. Or the hacker may have stolen your login credentials (you’re not still using the same password for every account you have are you?) and simply logged in and locked you out.
Eight of the top 10 vulnerabilities hackers used most often in 2018 were flaws in Microsoft products.
Experts believe the reason Microsoft dominates the top 10 list is because its programs are so widely used.
Of course, Microsoft has released patches for all the flaws on the list but, unfortunately some people don’t apply them the minute that little update message appears on their screens. As long as you ignore the update, you’re at risk of being boarded by internet pirates.
But … why would they be interested in my tiny site?
If you have a small business or personal website, you might understandably wonder how it could be much of a target for hackers. My website? Really?
Just as thieves break into cars and houses to steal stuff they can sell, hackers break into websites to get something of value.
Many small business owners are unaware of security best practices such as regular website backups. So hackers think they’re more likely to pay if their website is compromised by ransomware — because they have no other option.
Names, addresses, dates of birth, and Social Insurance Numbers are like honey to hackers because they can be used for fraud and identity theft. Do you collect personal information from your site visitors? Even information submitted to your site through web forms like newsletter signups could be useful to criminals.
Then there are those who do what they do just because they can. Some hackers even create botnets by combining a number of hacked websites together to launch DDoS attacks on major websites.
Access to a bigger prize
The internet being what it is — an interconnected web — small business websites are often viewed as doors into other, more valuable websites owned by their partners, clients or even the government.
What you can do
Fortunately, there’s no secret to turning away hackers and thieves. To start, you’ll need to learn a few good habits:
- Accept software updates as soon as you’re notified.
- Back up your website every day, either manually or by using an automated tool.
- Use strong passwords for every website, including your own — no duplicates. Change them every three months.
Anyone who has access to your web files — employees, web developers — must also agree to adopt these habits.
Next, get a few good tools:
- An SSL Certificate to keep anyone from eavesdropping on exchanges (including sales transactions) between you and your site visitors. You can either pay for one or, if you understand shell commands and have shell access to your hosting account, you can use a free SSL.
- Start using a malware scanner to look for and remove suspicious code from your site every day.
- Get a Web Application Firewall (WAF) to inspect all incoming data. A WAF turns away malicious code but allows legitimate traffic to pass.
Scan your website for malware, then take action
Malware, ransomware and cyber attacks are a real threat for anyone with a website. Business owners can no longer just assume they’re too small for hackers to bother with.
What they can do is scan their websites to make sure they’re not already infected, then adopt the habits and tools listed above. Taken together, these strategies will greatly decrease their odds of falling prey to hackers.