Wednesday, August 15th, 2018

W WebWorks by Terry Young
Cybersecurity



CYBERSECURITY


Not only a risk for mega-corporations


Most of us have been victim to some kind of breach in data security.   We all know someone who has had credit cards replaced over the years because they had been compromised somewhere, whether online, at a store, gas station or restaurant.     

While breaches against larger corporations, financial institutions or governments are reported,  they also happen daily to small businesses.



When I meet with prospective clients, they are surprised when I show them how many hacking attempts target our existing clients' websites daily.         

Fortunately, our WebUpdate system stops them.

WebUpdate prevents anywhere from 200 to 7,000 hack attempts each day against our clients' websites. 

As I write this at 11 a.m., there have been almost 300 attempts so far today, coming from different IP addresses worldwide, as far afield as Chile, Algeria, Colombia, Indonesia and Syria.

All of these were trying to access our clients' sites. None of our clients are large government or corporate entities, just small local businesses. Our websites detect these attempts. The hackers have had that one try, then they are blocked from all of our clients' sites.

Of all the attempts, 99 percent are targeting Open Source websites, such as WordPress, Joomla andDrupal, because these have so many security flaws.

Millions of smaller companies have bought WordPress sites, not knowing about attacks until it's too late.  Literally hundreds of thousands of WordPress sites are hacked at a time.


For hackers, small local business sites
which are not being monitored regularly
are perfect targets.


For hackers, small local business sites which are not being monitored regularly are perfect targets.         

Like a burglar targeting a remote, empty house, the hacker has time to keep probing unti l they get in. Once the site has been compromised, they can work for weeks or months without discovery.

What could hackers do?  It depends on their motives.  They can use your site to send out spam/virus emails - resulting in your IP/email address being blacklisted, making it hard to email clients.

They can use your site and thousands of others to overload large websites, in denial-of-service attacks.

I have personally seen hackers upload fake bank website-looking files, to obtain people's credit card information or steal identities.  If that happens, Federal law enforcement can get involved.

What can you do?  If you have a WordPress website, your web designer must regularly monitor and immediately apply security patches to your site and to any plug-ins they used.  They must check the site's security and access logs at least weekly, and also monitor the site's files, ensuring that nothing malicious has been uploaded.

If you have concerns with your web security, now is the time to look at our WebUpdate sites.  Better than Open Source, they utilize advanced security, SEO, social, and responsive features to give your business the best competitive edge online.




Terry Young is the founder and CEO of Internet Marketing and Design,
the award winning web and multimedia design agency in Chesapeake.