September 13, 2018
It’s straightforward to launch a website nowadays. Countless web development tools have made it so convenient and quick that entrepreneurs even tend to forget about the existence of cyber threats . Since the focus is on growth and attracting a target audience, cybersecurity matters are frequently postponed or very low on the agenda. Moreover, website owners often do not see themselves as worthy targets and may be lulled into a false sense of security.
This kind of thinking is deceptive, however. Websites are under attack 44 times a day on average, and the root causes for that might be as diverse as hacking, scamming, and human errors. So how can you tell whether your site has been affected? And if you suspect this is the case, what should you do next? Let’s take a look at the signs of website compromise and how you can respond effectively.
Is Your Website and Data at Risk?
Here’s how you might be able to find out:
Sudden spikes in traffic
Your number of visitors and page views booming unexpectedly could mean that your marketing team has done an excellent job at promoting your website. Or you might be the victim of a distributed denial-of-service (DDoS) attack. If so, large chunks of fake traffic are generated and drying up your hosting resources, making loading times very long and preventing real users from accessing your site. What’s more, unusually high outbound traffic may indicate that your website is being exploited for the execution of DDoS attacks on somebody else.
Alerts and traffic decreasing quickly
A sudden drop in traffic is a bad sign as well. Search engines and web browsers may have found something wrong with your site and started to display security warnings every time someone is coming to visit your page — with the effect of severely impacting your search engine ranking. Alerts may also come from your hosting provider that has detected malicious activities and, therefore, recommends or forces you to put your website offline until the issue is resolved.
More phishing attacks than usual
You cannot realistically avoid all phishing attacks. But when your employees are suddenly bombarded with many fraudulent emails containing credible demands for sensitive data or money transfers, it’s probably because scammers are actively targeting you. Phishy messages generally contain urgent requests, playing on the fear that something bad will occur if nothing is done within a short period of time. Other red flags include poor grammar, generic greetings — e.g., “dear customer” — and spoofed email addresses.
Strange and inappropriate behaviors
Last but not least, your customers and employees may also send you signals that things aren’t right. Visitors might keep on complaining about suspicious redirects or features not working correctly — representing possible attempts to forge your website. Or you may notice suboptimal cybersecurity practices including weak passwords and inappropriate access rights and privileges.
How Can You Respond Effectively?
Now let’s see what you can do:
Identify the root of the problem
Every type of attack — DDoS, phishing, hacking, forgery, etc. — has specific causes and effects. So start analyzing your website with those threats in mind, looking at what data has been at risk and which applications do not function the way they should. Very importantly, open the communication with your staff, customers, and other stakeholders to collect as many details as possible.
Take immediate steps to fix the vulnerability
The longer you wait before dealing with an attack, the worse it’s likely to get. Make sure your IT team is on red alert and ask them to thoroughly scan your online assets, review whether a vulnerability might come from a third-party, isolate and clean malicious files, and rewrite code where necessary. Additionally, contact your hosting provider’s support team to retrieve more information about similar threats their other hosted websites may have faced.
Communicate with visitors and customers
Don’t forget to keep your subscribers in the loop. Be open about the fact that your site may have been compromised and explain how you are doing your best to take control of the situation and ensure private data is safe. Where relevant, post instructions about how to detect hackers and scammers’ traps — notably, fake versions of your pages, malware, and phishing emails. Of course, also let everyone know once security gaps have been overcome.
Invest wisely in cybersecurity
How do you prevent attacks and human errors in the future? You can train your employees about emerging threats and set security best practices — e.g., strong passwords, controlled access rights, and always reporting bugs and human errors.
On top of that, see how you can upgrade your security tech stack. For instance, you may encrypt your website with SSL certificates, protect your email communications from man-in-the-middle attacks with DKIM and DMARC authentication methods, as well as install error prevention solutions capable of spotting spoofed email addresses.
Bottom line: Website owners juggle many aspects as they launch and grow ventures online, and a crucial one is the ability to detect and tackle a large variety of cyber threats before they cause significant damages.
Alexandre François is Head of Content and Marketing at Safesend Software . He enjoys sharing best practices and practical tips that individuals and businesses can use to protect themselves against cyber threats.