Small business awareness of digital security keeps increasing. But this increased awareness leads cybercriminals to adapt. And this includes launching stealthier methods of attack.
2019 Cybersecurity Statistics
The SiteLock 2019 Website Security Report says these criminals now focus on quieter attacks. But that doesn’t mean they have decreased. Because attacks increased by 59% for 2018. And by December 2018 the number of attacks peaked at 80 per day. Data shows an average of 62 for the whole year.
So small business owners must try to stay continually informed. And they must make it as hard as possible for hackers. SiteLock says its report should, “Help website owners understand today’s attack surface, enabling them to make educated and proactive decisions about their website security in the future.”
The report looks at attack patterns and risk factors. But it also analyzes web code vulnerabilities. And malware types get a mention as well. The report also covered the move to stealthy attacks by cybercriminals.
Key Takeaways
More than 330 bots carried out the average of 62 daily attacks in 2018. These attacks resulted in a consistent 1% rate of infected websites.
One percent seems small. But it translates to 17.6 million websites globally at any given time. Still SiteLock reports security solutions have become more effective. And this especially applies to defending against high-volume and sophisticated attacks.
Take a look at the SiteLock infographic below.
Vulnerabilities
The SiteLock analysis looked at three types of common vulnerabilities in 2018. These include cross-site scripting (XSS), SQL injection (SQLi), and cross-site request forgery (CSRF).
WordPress, Joomla!, and Drupal now make up 38% of the sites on the internet. So most small business owners use these CMS platforms. And all three can prove vulnerable to cyber threats without an experienced developer.
The CMS sites are vulnerable even with the latest patches. SiteLock recommends teams to prevent vulnerabilities by implementing a holistic website security strategy.
More data in the infographic below.
Malware
Hackers are using malware such as backdoors, shells, and JavaScript files. And they are repurposing previous malware to develop new strains and hijack visitors or the website. The goal is not to control the site.
Launching the quite or symptomless attacks allows the criminals to view, modify, or steal content and data from its victims’ websites without increasing any awareness. SiteLock says this is a departure from the previous way of doing things for hackers.
Malware-infected website is another growing danger but owners assume a search engine will inform them of this fact. The report says only 15% of malware-infected websites are blacklisted. This leaves the vast majority or 85% anonymous.
Take a look at what malware are attacking.
Stay Ahead of the Game
If there is one constant in the digital ecosystem, it is the relentless attacks by hackers 24/7. At the end of the day, if someone wants your data bad enough they will eventually get it. But for the vast majority of small business owners, being proactive with some strong precautions is enough.
The advice from SiteLock is invaluable because understanding the threat landscape is key to taking preventative and follow-up actions
SiteLock recommends proper cyber hygiene and a proactive website security plan so you can ensure your cybersecurity strategy. This will confirm it is effective and your website remains secure in 2019.
Creating an effective security strategy starts with the SiteLock 2019 checklist:
- Choose strong passwords and unique usernames
- Use an inside-out malware scanner that scans daily and automatically removes malware
- Implement a website application firewall to block malicious traffic and attacks
- Conduct quarterly website audits and file review for unusual file names or content
- Remove outdated and unused plugins
- Use a tool that automatically patches vulnerabilities in applications, plugins, and themes
- Select open-source applications based on security factors, such as date of the last update
- Offer ongoing company-wide cybersecurity training
The Report
The SiteLock 2019 Website Security Report analyzed more than 6 million websites. The goal of the analysis was to determine which were the most widespread threats facing websites today.
The company used proprietary algorithms and technology to both identify the top risks and emerging trends in 2019.
Please download the full report here and read it.
Image: Depositphotos.com