You could be forgiven for thinking that only large multi-national companies, banks and government agencies are targeted by cyber criminals, after all we’ve all seen huge organisations such as Talk Talk, Sony and even the US presidential election hacked, but you would be wrong. There has been a massive increase in small business cyber-attacks over the last few years. In fact, according to recent studies over 40% of cyber-attacks are aimed at SME’s. It’s often a challenge for smaller companies to protect themselves from potential threats as they often don’t know they have become a target until it’s too late to do anything about it.
Your site may be small and you might think you have nothing valuable to offer a hacker but these people use automated tools and sophisticated software to find vulnerable sites, this means there is no consideration for size or industry and any website is a potential target.
Your website more than likely offers some form of communication with its visitors and when any interaction takes place you have a potential web security risk. These include;
Yes, I hear you cry, but I don’t take online payments so what harm can a hacker do? Well, believe me, a lot! Although lots of cyber-attacks are aimed at stealing credit card or banking details there are many other ways a hacker can cause chaos.
Distributed denial of service or DDoS attacks as they are more often called are one of the most common cyber-crimes, multiple compromised systems, often infected with a Trojan, are used to maliciously target a single system resulting in a Denial of Service.
A program designed to infect and damage a system, Malware is a general term which can cover everything from advertising software to viruses. It can also transfer the user into other hacked devices controlled by one or more hackers, yes believe it or not these people do have friends and unfortunately for your business are happy to share their successes. These networks can also be used for DDoS attacks.
Former disgruntled employees can gain access to your website and cause damage to your reputation and business so it is essential that all access is revoked after a contract has been terminated.
This involves exploiting the website and the impact to a small business can be dramatic, especially when the hacker compromises legacy systems and accesses internal data, it can be used to undermine customer's trust in your company, alter or completely destroy a database's content.
Hackers use sophisticated dictionary programs until they find the right combination to gain access as well as keylogging software which tracks all of a person's keystrokes, including passwords and log ins and consequently gives them the right ones needed to gain access to sensitive information.
We've all heard of spam which is where the hacker sends out bulk emails, so with either advertising or phishing scams. If these are sent out repeatedly and are traced back to your website or hosting, the server may be blacklisted, stopping your business from sending legitimate emails.
This is where emails are sent in order to scam the user into giving private information that can be used to steal money or for identity theft. We've all had these dodgy emails at some point, they are extremely common and the last thing your business needs is one of these scams being traced back to you instead of the real culprit.
You wouldn't leave home and leave your door unlocked so why do it with your website? Security measures are important and there are things you can do to prevent cyber-criminals from targeting your business website including:
A strong password is the first step in website security and it needs to be regularly changed the best way to this is to use a password manager they can create complex passwords and store them so you don't need to remember them every time you log in. Some great password managers include Soft-o, KeePass and Dashlane.
These keep software such as content management systems safe from vulnerabilities, and are the responsibility of your hosting company so be sure to check they have these important measures in place.
This will encrypt data as it transfers between the server and browser, making it completely useless to cyber criminals if they intercept it.
This will give a heads up on any negative trends which could be due to hacking activity of course this could also be impacted by poor website design or content but if your website is usually ranked highly and suddenly drops dramatically it could be a sign you've been targeted by hackers.
Imagine losing all the data stored on your site, scary thought uh? A good tip is to have some off-site backups and verify routinely, so that if you ever need to restore from backups, the data is up to date and usable.
WordPress sites can be particularly vulnerable to hackers and plug-ins play a large part in this, always make sure when using a plug-in that it comes from a trusted source, don't use abandoned plug-ins and keep them updated regularly.
The bottom line is, without proper security measures your website is at risk and the damage caused by a cyber-attack can be devastating. Minimise this risk by making sure you implement the best security measures possible.
Give SearchRise Marketing a call to discuss how we can help keep your business website safe and secure.