Home > Marketing > Your website is under attack

Your website is under attack

Release Date

09 October 2015

Malicious attacks to deface, cripple and hijack websites are increasing in frequency and efficacy; they have the potential to affect your business regardless of your business size, industry or geographic location.
Many businesses incorrectly assume they are an unlikely target; malicious attacks are often automated, looking to cause meaningless damage to any vulnerable website, regardless of the businesses profile. 
All Content Management Systems (CMS)1 suffer from vulnerabilities; often the CMS vendor will release security patches and updates that may reduce the methods for a malicious attack to exploit the website. 
Ensuring your website CMS is kept up-to-date with the latest security release is essential, additional measures are necessary to protect your website investment.  

Why you need to backup and secure your website now! 
Consider the following:
  • It is estimated between 6,0002 and 30,0003  websites suffer from a malicious attack daily, what if your website is next?
  • If you accidentally delete the wrong file or break something, what would you do?
  • Your website host has a failure, deleting your website, who will help you?  
All of the above are frequent occurrences and unfortunately there are many other scenarios which can cause your website to break or go down. 
Without a backup, you’re relying on good luck and will need to engage developers to help recover your site, without a copy of the website code and design; this could result in a full redevelopment project.  This will be time consuming and costly.
Backups are essential for recovery once a malicious attack is successful, it is equally important to put in place preventative measures that may help stop an attack from succeeding. 
Whether it’s a visible attack to deface your website, or an attempt to hijack your site and implant a virus (which may compromise your customer details), hacked websites are bad news and will damage your reputation.
Once a site is hacked, search engines such as Google will blacklist the site, once blacklisted, most browsers and anti-virus programs will block access to the site. This leads to a large drop in site visitors, sales, and brand damage. The effects of this damage on your website search ranking and online performance can take many months to repair.

There are ways to help reduce the likelihood of a successful attack, continue reading to find out more. 
What you can do: 

Strong passwords: Many attacks on websites are automated ‘Brute force’ attempts, this type of attack leverages the fact that users tend to select easy to remember, common passwords. A Brute force attack will attempt to log-in to your website using 100’s of common username and password combinations, until it finds one that works.

Manage users: Remove any previous developer, friend or employee’s access to your website once it is no longer required. Aim to restrict the number of users with administrative rights to your website to an absolute minimum.

Security plugins: Many CMS systems have free and low cost plugins that can offer some form of protection; they typically work best against Brute force attacks. While useful, these are reactive as the attack is already occurring.

Automated backups: Do not assume that your host is backing up your website; investigate options to backup your website. The frequency of your backup should be determined by how often you add content and whether your website is used for transactions, consider a weekly backup as minimum for most basic websites. Many backup methods can be automated and require little management ongoing.

Cloud firewall: An effective method to help prevent malicious attacks on your website is the use of a firewall. A firewall will scan all website traffic before it reaches your website; these firewalls are always updated and identify trends quickly. If a suspected attack occurs, access to your site will be prevented.

CMS updates: Review the available patches and updates for your CMS, ensure your website is updated every 3-6 months at a minimum. This process may require the assistance of your website developer, you may also benefit from enhanced functionality and stability through these updates.

Australian Business Consulting & Solutions can help safeguard your website investment; we offer a range of support and security packages to help you.  
Joshua has worked with large and small businesses to build their online presence. He is experienced in the project management of ecommerce, general websites, promotional landing pages and email marketing EDMS. Joshua also provides digital marketing coaching to small and medium enterprises in Sydney, helping them achieve better results online. 
Joshua enjoys working closely with businesses to ensure their objectives are met on time and on budget, he is Prince2 Practitioner certified and believes in continuous improvement.
Contact Joshua to find out how he can help with the support and security of your website: Joshua.Keefe@australianbusiness.com.au

1. Content management systems are the platforms / software applications that allow the creation and management of websites. 
2. http://www.stopthehacker.com/wp-content/uploads/2012/02/How-do-Websites-get-Hacked-and-Blacklisted4.pdf 
3. http://www.forbes.com/sites/jameslyne/2013/09/06/30000-web-sites-hacked-a-day-how-do-you-host-yours/  

Contact Us

Call Us on 1800 505 529
Submit Enquiry