- Category: August 2013 - Data Protection & Security
Ordering a bikini or summer dress last minute online, or booking a hotel room quickly, whatever you do in cyberspace, be aware that malware can catch you.
Even your most trusted website can secretly install a Trojan on your computer or spy on your online banking details or credit card information, simply because conventional information security measures, including anti-virus and next-generation firewalls, aren't enough to protect your organization from today's deluge of sophisticated web threats anymore, Websense states in its 2013 Threat Report.
In fact, malicious web attacks are no longer a rarity with a nearly 6-fold increase in malicious sites worldwide, according to the information security expert. New about it is the fact that 85% were from reputable websites. The report details further how advanced threats are specifically targeting mobile devices as well as social media, and rendering traditional security solutions ineffective.
Business pages targeted by cybercriminals
Cybercriminals that manipulate banner ads on high traffic websites are no longer a rarity either. They include them in online offers of well-known news and lifestyle magazines, newspapers and job exchanges, injecting malicious codes that can take advantage of known vulnerabilities to nestle mischievous programs on the computers of the website visitors. The banners do not even have to be clicked in order to develop their dangerous effect, making unsuspecting visitors to culprits that spread viruses, send hundreds of thousands of spam e-mails, or even carried out coordinated cyber-attacks.
But not only large, well-known sites are endangered to become a target for cybercriminals. More and more often the websites of small and medium enterprises (SMEs) are jeopardized, as they often invest time and money in security only in the beginning until they have a representative site, but tick the subject mentally off later on. However, only care and regular maintenance ensures benefits and safety in the long run.
Neglected websites, instead, not only pose security risks to operators, customers and business partners, but can have significant economic consequences such as hardware failure, deletion or modifications of information, disclosure of sensitive customer data or destruction of IT infrastructure, too. If a website spreads malicious programs, the operator is liable for third party damage and website visitors can take legal action against them. Besides that, fines and possible shutdown of the website are possible and can even become a threat to a company's existence.
Better taking care than losing out
In order to prevent great damage and to protect your website from becoming a security risk, take a look at the following security maintenance measures you can start with today. Remember prevention is better than cure, so rather than having to remove a malicious program, don‘t let it happen in the first place:
- Keep the operating system and services of the server up to date and check regularly for viruses;
- Keep the software of the website up to date and always remove the old one from the server;
- Disable unnecessary server services and close the ports;
- Perform regular backups of software and databases;
- Give access to the web application firewall;
- Delete/deactivate no longer required user accounts;
- Purchase software only from trusted sources;
- Transfer and store confidential data ONLY when encrypted;
- Change access to the server or the website on a regular basis;
10. Check website regularly regarding manipulation by third parties or malicious codes.
By Daniela La Marca