With as many as 14 people falling victim to cyber crime every second, odds are that the longer you have a website, the higher the risk that you will fall prey to a cyber attack.
A Trustwave SpiderLabs study discovered that web markets are one of the top three verticals compromised by attacks. Hackers target a website for many reasons. Their motivation might be as simple as financial incentive or as complex as taking on the challenge of locating security vulnerabilities.
Not every digital attack is equal. An attack could manifest in spyware that collects sensitive information. Or, a hack could start out as a worm that slowly cripples the function of a website until it becomes a full-blown Distributed Denial of Service (DDoS) attack. No matter what drives cyber thieves to a site, information security experience can help detect attacks before they worsen. Those in cybersecurity know the importance of recognizing the signs of a cyber attack and steps you can take to prevent their reoccurrence.
The malware of a cyber attack tends to reveal itself in the very computer language that comprises the site. This is a fast, effective way IT professionals can identify inconsistencies in the code. They can differentiate harmless advertisement code from language containing malware. Spammy words or phrases, such as “meet singles” or “get out of debt” located in the code are often red flags, warnings of an underlying security breach.
Symantec categorizes code threats into four main areas, based on origination and destination:
Drastic Traffic Changes
Changes in traffic volume can be a sign that a website has been compromised. If the analytics platform monitors consistent traffic, but then suddenly reveals a drop in traffic, there may be room for concern. Hackers have the ability to initiate redirects in traffic. For example, if a visitor finds a site through search engine results or by typing the URL in the address bar, both functions will automatically route them to a different site. This lack of routine traffic can also indicate that a website infection prompted Google to remove some of the pages from their index.
Google doesn’t always blindside webmasters with de-indexing. Sometimes the search engine will provide a warning of a cyber attack. In these instances, a warning may be received through Google Webmaster Tools, alerting the user of suspicious activity. If visiting a site is attempted, an error message may pop up that states, “Warning. Visiting this site may be harmful to your computer.” This warning may indicate that malware is trying to infect other parts of a local computer or network.
One obvious signal of cyber tampering may manifest in a hacker’s virtual sense of humor. Hackers sometimes have the capability to completely change a website’s design. This form of cyber attack could include anything from rearranging the layout to adding content or even deleting entire pages.
Initial evidence of a cyber crime can surface in administrative logins. Attempts to access the management functions that allow control of content or commerce are met with error messages regarding wrong passwords or nonexistent usernames. The URL to the administrative portal might not exist as well. This may be part of a hacker’s attempt to eliminate the ability to combat the attack.
A cyber attack can directly impact the operation and navigation of the site by infiltrating the database.
Pages might not load or a broken image icon replaces pictures. Clicking on links to other pages may move at a snail’s pace or a normally-functioning mouse cursor may leave a trail of arrows.
Proactive Measures are the Best Reaction
While having the ability to identify an attack is critical, utilizing methods of prevention can save a website from an attack before it ever happens. A few preventative tips include:
- Using antimalware software that can update in real-time without requiring any diagnostic prompts. Hackers tend to manipulate these program vulnerabilities.
- Trustwave SpiderLabs’ study also revealed that the biggest software weakness was poor anti-automation.
- The more a hacker can disable, the more time and money it may cost to repair. Using a procedure as simple as backing-up the site regularly will save the frustration of building the site from scratch after it has been threatened. Back-ups can be implemented through specially designed software, content management systems or FTP clients.
- Fortify the server with secure permissions and actively monitor records. Using encrypted protocols and paring down the server to host only the necessary applications can help strengthen its security.
Using stronger passwords may seem like an obvious tip for any experienced computer user, but it can be very effective. The Interactive Brute Force Password Search Space Calculator demonstrates the ease of cracking simple passwords. A six-character, lowercase password would take a brute force attacker making a thousand guesses per second fewer than 4 days to crack. But if they had the resources for an offline fast attack to guess one hundred billion combinations per second, it would take a mere 0.00321 seconds to discover the password.
Remaining alert to the cyber attack signals and taking proactive measures may not completely eliminate your website as a target, but it can provide the information security skills to effectively combat them.
Regis University is designated as a Center of Academic Excellence in Information Assurance Education by the National Security Agency and offers a master's degree in information assurance degree.