Fall 2019 Newsletter: Web Security

‘sup with the WWW?

 You thought Washington D.C. was a quagmire…

  • The cost of cybercrime damages will reach $6 trillion annually (increase $3 trillion from the previous year) by 2021 quickly becoming more profitable than the illegal drug trade.
  • 81% data breaches happen due to weak or stolen passwords. (Muave98 is not a good PW.)
  • Over 40% attacks target small and medium-sized businesses. (FYI, this will increase. Guess it is good to be smaller, 'cause the other 60% is for the big guys.)
  • 59% of companies suffered hack by malicious code, malware, and botnets. (Get vaccinated, this code spreads.)
  • 300,000 new malware are created every day. (Somebody is busy.)
  • Around 4000 ransomware attacks happen daily. (Remember the days of airline hijacking? This is just more efficient and widespread.)
  • 1 out of every 131 emails has been found to contain malware. (Not a website, but  important. And more often it looks like it's coming from someone you know, legit.)
Source – Website Hosting Rating

Security, functionality and browser compatibility are affected by the ever-changing landscape of the Internet.  Security is of the upmost importance.  Our protocols minimize the opportunities for a site breech. NOTE: Hacked web site mitigation costs can start at $1,500.
 
Although there is no perfect solution as ANY site has the potential to be hacked, preventative measures make it more difficult for intruders.

Sucuri report

Websites require consistent updates to the theme framework software, the content management system (CMS) and the plugins software. A 2019 report published by Sucuri, a website security service, notes the major reasons for these hacks are poor passwords, vulnerabilities in plugins and themes, misconfiguration issues, and a lack of maintenance of the site by companies, who often do not update their CMS, themes, and plugins. It should also be said that the server environment (the place where the site is hosted) is extremely important.
SEE FULL REPORT

A shift in content management systems (CMS) infections:

A CMS is the engine of your website.  This is a list of the top open source CMS systems. This data is part of the Sucuri report.
  • WordPress infections rose from 83% in 2017 to 90% in 2018.
  • Magento infection rates dropped from 6.5% in 2017 to 4.6% in 2018.
  • Joomla! infection rates dropped from 13.1% in 2017 to 4.3% in 2018 (OUR FAVORITE, see note below).
  • Drupal infections rose from 1.6% in 2017 to 3.7% in 2018.
Over the past 13 years, Joomla has won close to 20 major awards and recognitions, none more prestigious than the CMS Critic People’s Choice Awards, which it has dominated continuously from 2014. WordPress won it last in 2013.

Recommendations

  • Keep all website software up-to-date..
  • Passwords - “password” is one of the most used passwords. Be brave in creating a good password. They should be at least 8 characters long with numbers, lowercase and uppercase letters and at least two special characters e.g. % & ?  * > < } +
    • Hate trying to remember them? Use a service like LastPass. It's inexpensive, encrypts the passwords and can used wherever you are and on different devices.
  • Password protect the Administration folder for the CMS
  • Add Two-Factor Authentication to login for administrative area of website
  • Installation of hardening and monitoring software
  • Older sites (3-4 years or more), migrate to the newer systems

Questions?  Give us a call: 970-962-9203 or Contact Us by email.
X

Right Click

No right click