Malware is evolving. Is your website security keeping up?


Date: 9 May 2013

Broken window - shop malware protectionA shopkeeper would never consider leaving his store unlocked with the lights on and the cash register open and then going home for the evening.

He'd quickly be out of business and the loss of his store could be a blow to his community-letting down customers who depend on him and the staff who would be out of a job.

Your website is like that shop

Now so many people have set up websites, either as businesses in their own right or to augment existing bricks-and-mortar stores, plenty of criminals have followed them into cyberspace.

No matter what sort of website you runm it may be vulnerable to attack from criminals. They can mount their attacks from any location in the world as long as they have internet access.

You could run an online shop from your home in Wisconsin, for example, and be a ripe target for a hacker who lives halfway around the world in a country you've never even heard of.

Just as you have to defend your bricks-and-mortar store against burglars and keep the premises safe for your employees, visitors and loyal customers, you must defend your website against attacks from hackers and other criminals who use malware.

Or buy IT equipment now from these trusted suppliers:

Spend time on security

It's not uncommon for business owners to spend little or no time on security as they focus on selling through the websites. There are other demands on their time, too - like making sure they publish fresh content regularly to stay relevant in the eyes of search engines.

However, you don't need to be a computer programmer or security expert to ensure the safety of your website against malware. You can take advantage of an intelligent malware detection and removal service that will monitor your site for you.

What is malware?

Malware is malicious software designed to do things like steal personal information and take control of a user's computer, so the criminal can use it for their own purposes.

The consequences of malware can include identity theft, financial losses and damage to your company's reputation.

What's more, if your site has been infected with malware, search engines will downgrade you in their search results. If the hackers haven't completely trashed your site, being blacklisted can push you over the cliff, resulting in a catastrophic decrease in traffic as people avoid your infected website.

In the early days of the Internet, malware quickly spread from computer to computer, infecting them by the thousands. It has grown to include a whole range of threats, including trojan horses (software that seems innocent but causes destruction), keyloggers that record your login information and viruses that can wipe out all of your data.

The battle against malware

As people take steps to defend their websites, the criminals and hackers keep improving their malware. This evolution of malware demands the evolution of website security. You cannot be complacent. You must do something to safeguard your online business.

For example, a denial of service trojan can send so much traffic to your site that it will crash. Other types of trojan can expose you or your customers' personal information to hackers. Some malware can rewrite your site's source code, enabling hackers to run adverts for unscrupulous companies.

As you can see, there are plenty of nasty tricks that hackers use to destroy your website and ruin your business. That's the last thing you want.

Don't rely on vulnerability assessments

You may be approached by a security firm that proposes doing a vulnerability assessment of your website.

While it's always a good idea to pinpoint weaknesses so you can make improvements, these assessments are not enough to protect you. Because you can never patch all your vulnerabilities all the time (what happens when you're on holiday, for example?), your site will remain vulnerable to the next unanticipated attack.

Similarly, malware detection that relies on recognising the characteristics of known malware (called 'signature-based malware detection') will not provide significant protection. New malware appears every day, and it isn't alway sadded to the signature databases in time.

The best way to stay safe from malware is to use a malware detection service that can detect these new strains. This is the only way to guarantee your site will be protected from malicious code.

This is a guest post from Anirban Banerjee, CTO & co-founder of StopTheHacker, a leading website security company offering cloud-based malware detection and protection for website and online shop owners.

What does the * mean?

If a link has a * this means it is an affiliate link. To find out more, see our FAQs.