Picture this: you’re going about your business online; writing the ol’ blog post, replying to a reader, preparing your newsletter, when a subtle message pops up in the corner. You get a notification that your website has malware – you’ve been hacked. A perilous situation for your website, and one that will assuredly instill why you should take website security seriously.
As with most victim-based crimes, the possibility of it happening always seems low until it happens to you. While this may be the case generally, a way to lessen the possibility further and take action into your own hands is to prioritize the security of your website. Hoping your website will be okay because “why would anyone want to hack me?” is not a good system to have in place.
When trying to keep your website secure you need actionable protective systems, and 24/7 security. Hackers and cybercriminals offer no prior warning to their attacks and will be hoping to catch you off guard, which is why you need your website to be on constant alert. Imagine receiving an email stating: “As per my last mail, I’ll commence hacking at 2am local time”. If only these bad actors were that courteous.
The estimated cost of cybercrimes on businesses and people totals at $6 trillion (R95 trillion). In the case of these criminals, crime does pay, and we’re the ones who pay them. That’s why the importance of website security cannot be overstated. With some good security measures and basic security training we can remove these bad actors from our businesses and personal payrolls.
What can hackers do if you have poor website security?
About 35% of small businesses break down due to malware attacks. That’s one in three businesses. Given the time, finances, and effort into starting, maintaining, and running a business, it’s almost unfair that a single hack can floor a company.
Unfortunately, that is the state of the online world at present. A good way to counteract your business or website falling into that statistic is to understand what hackers are after, what they do, and what you can do to keep your online website secure.
Hackers don’t operate the same way criminals breaking into your home might; where they plan or look for vulnerabilities in and around your property. Hackers largely use specific hardware and software that combs through thousands of computers looking for any vulnerabilities or preinstalled software that will allow them into a backdoor.
Think of it as a fishing ship casting a net not looking for a specific fish. They’ll take whatever they catch and find some or other use for it. So, if you’re a small company or don’t have plenty of money, they’ll find a use for you. If you’re a large company or having plenty in your savings, they’ll find a way to use that as well.
One of the more notable consequences of a hack that could likely turn a company belly up and take years to recover from. If a hacker manages to get inside a website with customer data, all the customers could be compromised as their personal details are readily accessible to the cybercriminals.
Imagine having your Takealot or Amazon details shared with a hacker. They’d make off with whatever they can using your account to pay and keep your personal and banking details for their other wicked plans. They’d also use your details to make purchases on the dark web, perhaps even selling your personal information as well.
If something of the sort happened, you’d likely never shop at that website again, and they’d go out of business as the trust would be eviscerated. It works the same way for smaller websites, even those with just newsletter subscribers.
With the relevant personal information, they could impersonate you or a brand and ask you to click on a link, which would install malware onto your device. They’d then have access to your device and spread from there. It truly can become a slippery slope with a rapid descent to ruin for people and companies.
2. Blackmail & ransomware
If a hacker successfully gains control of your device, they could access all your personal files and documents, from pictures, to bank statements, to the medical records you have stored. With those, they could demand a ransom or blackmail you into helping them with their criminal activities.
The average cost of a ransomware attack on a company is R2,1 million. While it may not be as high for the standard individual, it will be high based on the relevant income of a person. This is because hackers use the personal information they have to find out more about you through social media or whatever files they access on your device.
For instance, if you’re constantly posting pictures in expensive restaurants or while vacationing, they’ll know you can afford a lot more than the person who posts a picture sharing a sandwich with their dog. We’re not saying to show yourself living a frugal lifestyle, but it’s important to know who could be watching.
3. Use your device as a front for their hacks
On occasion, hackers will take over your device with the intention of conducting their villainous deeds with your device as the meeting station – all unbeknownst to you. They could open up access to your device to thousands of other hackers and from there hit websites or companies with impunity.
When a team of security analysts eventually trace the source to your device, you’re caught holding the bag.
Think of it as working the storefront for the mafia. You may be none the wiser about what goes on in the back, but when the police busts down the door, you’ll likely be arrested as well. Proving your innocence in that case is a position you’d rather not want to be in.
How to make your website secure
Despite the risks being online presents, there are ways to protect yourself, your website, and your company from hackers. The good people at various antivirus & malware companies help offer a layer of protection against many of these attacks.
Secure your website with a reputable antivirus
What you can do to from your side is ensure that you have the latest version of a reputable antivirus software program as well as an updated firewall. They’re often the first step at keeping your online experience hack-free.
Secure your passwords properly
Keep your passwords in a secure location. Don’t store them on your PC unless it’s a secure password website like LastPass or PassBolt. Ideally you want to have them written down and stashed away so if your device is compromised the passwords are not anywhere on the device.
Implement two-factor authentication
Opt for two-factor authentication on any account that allows it. This makes it so that if your PC is compromised, they’d still need access to your phone or a separate device to get into any of your accounts.
Educate yourself and staff with a cyber security course
Learn cybersecurity protocols and train staff to do the same. As with any self-defence class, one of the key lessons is knowing how to identify a dangerous situation. Pay attention to links, files, and phishing emails. Know how to spot them, and how to deal with them. Clicking on any link you find making some special claim is often a trap. If you know what to look for you’re less likely to fall for one of the classic blunders of the online world.
Use a VPN
Use a VPN when you’re using Wi-Fi outside your home, in a public area.
Approximately 95% of all breaches are human error. That means many of these hacks could be avoided if we are vigilant and properly trained. Don’t skim on the security protocols. Ensure that you do the right things right and it’s unlikely that you’ll fall victim to these online hooligans.