How to implement robust Business Cybersecurity Measures for Websites

Nothing strikes fear into an IT professional’s heart quite like the sight of the dreaded Blue Screen of Death (BSOD) splashed across a computer screen.

So, Friday 19th of July must have been a busy day for cardiologists as well as systems administrators as machine after machine in many of the world’s biggest airports, hospitals and businesses went blue.

The culprit was a dodgy update that cybersecurity software company CrowdStrike pushed to Windows users of its Falcon security software in the early hours of the morning.

The patch was meant to keep users safe against novel attacks by cyber malefactors but in fact did the opposite and took down millions of systems.

It can be difficult to protect against this type of glitch, especially when the problem arises as a result of ‘friendly fire’, as in the latest bug.

The best we can do is patch the buggy software, reboot and hope for the best. Microsoft quickly released a couple of tools to allow users to do just that.

If there is a silver lining to the CrowdStrike cataclysm, it is that it reminded us that we need to have robust systems and backups in place for when things go wrong.

For any business, the website is the gateway to customers, so anyone running or managing a business would want to ensure there’s little or no downtime. So, let’s take a look at some of the main threats and the tools and strategies we can use to protect ourselves against them.

1. Use Threat Protection

The CrowdStrike Falcon update failure was so devastating because the software is ubiquitous – it is installed on over eight million machines worldwide to protect them against cyber attacks, including viruses and malware.

Everyone needs antivirus, especially business owners with a website. Last year, the total number of global malware attacks hit 6bn, a 10% increase year on year.

Malware and viruses can wreak havoc on a website by giving bad guys access to user info and allowing them to deploy ransomware, which in turn allows intruders to extort money.

Not only is it important to install antivirus and antimalware software, but just as importantly, it must be kept up to date to have the latest virus signatures so it can spot novel threats.

Equally, it is important to carry out regular scans to keep systems clean. With a SeekaHost website, this can be done easily via the control panel.

AI Developments for Cybersecurity

The threat landscape websites face is evolving, often rapidly.

The recent developments in AI and especially the machine learning algorithms that power the technology mean that the threats have been supercharged.

Next-generation antivirus (NGAV) uses a mix of AI, behavioural detection, machine learning and exploit mitigation to anticipate and counter new threats.

Providers of NGAV often make the service available in the cloud to business users so that it can be deployed quickly and maintained remotely.

Avoid the Google blacklist

If Google finds that a virus or malware has infected a website, it is likely to end up on what is known as the blacklist, a no-go area of the internet that signals death for a website.

Users and clients who attempt to visit a website are given a warning that it is infected with a digital nasty. In some instances, the site is removed entirely from the listing.

This can cause untold damage to a business’s reputation and bottom line. Not only will customers be unable to access a site, but even if the site manages to get back in Google’s good books the hit to the reputation and sales can be fatal.

2. Beware of Social Engineering

The type of attack most website owners were targeted with in the past was of the malware and virus kind we have just covered.

However, deploying dodgy software on a victim’s servers can be time-consuming and tricky.

For example, almost 90% of a cyber attacker’s time is burnt up breaking in and gaining initial access. By reducing or eliminating this time, adversaries free up resources to conduct more attacks.

That’s why the bad guys have upped their game in recent years and turned to more subtle means of gaining access to servers and wheedling confidential information out of victims.

This trend has been especially apparent over the last five years, as malware-free activity represented 75% of detections in 2023 — up from 71% in 2022.

To do this, they have resorted to phishing, social engineering and access brokers, all with the aim of exploiting vulnerabilities and trusted relationships to acquire passwords and personal information.

Phishing

We’ve all been the target of a phishing scam – emails that seem to be from a colleague or client asking for sensitive information, a threatening voicemail call claiming to be from the tax authorities or an offer too good to be true from an overseas oil baron offering untold riches in exchange for a few personal details.

The list goes on.

However, with a simple spam filter, many of these phishing messages can be filtered and stopped.

Filters can be activated easily in SeekaHost’s control panel and spam scores can also be set so that only emails the system believes are non-spam get through.

3. Activate a Firewall

The first line of defence against most attacks is the trusty firewall.

It acts as a barrier between a web server and potentially harmful internet traffic, sifting every byte of data that passes through to ensure it isn’t harmful.

This ensures that any malicious attempts to access your data are thwarted right from the get-go.

The good news is that a firewall comes as standard with most website hosting services, including those provided by SeekaHost.

4. Add Extra Protection: A Reverse Proxy Server

An added layer of protection comes in the form of a reverse proxy server, which shares similarities with the common firewall.

A reverse proxy comes in useful if a business wants to restrict access to certain sites for its employees so that they aren’t distracted at work and don’t access unsuitable material.

Reverse proxies also mitigate a wide range of targeted attacks, especially those that seek to probe vulnerabilities in a site by overwhelming it with page requests or by targeting insecure ports.

Using a reverse proxy also means a website or service never needs to reveal its true IP address to the world. This makes it much harder for attackers to target it with a DDoS attack (see next section).

5. Guard Against DDoS Attacks

This is a nasty type of cyberattack that occurs with worrying regularity as hackers and ne’er-do-wells look to put a site out of business.

Understandably, having a website or app swamped with requests eats up bandwidth and means legitimate users are crowded out, losing a website money and damaging its reputation.

To mitigate this type of attack, the best thing a site can do is to reduce the size of its target.

This typically means putting a piece of hardware or software – firewall or proxy – in between the digital assets and the hackers.

Captchas

Based on an analysis of seven million websites, SiteLock reports that websites currently experience an average of 94 attacks every day. One of the most prevalent and powerful is a brute force or dictionary attack.

By trying different permutations of passwords, a brute force attack can be successful if a high-powered computer can hit a website millions of times a second.

A simple way of warding off this type of attack is to use captchas on the login screen. These are typically simple puzzles that need human input to answer, thereby ensuring the login request is legitimate.
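One way a login page can decide when to show the captcha, given as an added example that is not from the original article or from SeekaHost: count failed logins per client address and per account in a sliding window. The thresholds, the window length, the class and function names and the sample events are all assumptions.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 300      # assumed look-back window
MAX_FAILS_PER_IP = 5      # assumed limit per client address
MAX_FAILS_PER_USER = 10   # assumed limit per account; catches guessing spread over many addresses


class CaptchaGate:
    """Counts recent failed logins and says when a captcha must be solved first."""

    def __init__(self):
        self._by_ip = defaultdict(deque)
        self._by_user = defaultdict(deque)

    @staticmethod
    def _recent(fails, now):
        # Forget failures older than the window, then count what is left.
        while fails and now - fails[0] >= WINDOW_SECONDS:
            fails.popleft()
        return len(fails)

    def record_failure(self, ip, user, now):
        self._by_ip[ip].append(now)
        self._by_user[user.lower()].append(now)

    def captcha_required(self, ip, user, now):
        return (self._recent(self._by_ip[ip], now) >= MAX_FAILS_PER_IP
                or self._recent(self._by_user[user.lower()], now) >= MAX_FAILS_PER_USER)


def replay(events):
    """Replay (time, ip, user, succeeded) tuples; return the attempts that would meet a captcha."""
    gate, challenged = CaptchaGate(), []
    for now, ip, user, succeeded in events:
        if gate.captcha_required(ip, user, now):
            challenged.append((now, ip, user))
        if not succeeded:
            gate.record_failure(ip, user, now)
    return challenged


# Constructed sample: one address guessing passwords for "admin", one customer making a typo.
SAMPLE = [(t, "203.0.113.7", "admin", False) for t in range(7)]
SAMPLE += [(10, "198.51.100.20", "carol", False), (25, "198.51.100.20", "carol", True)]

if __name__ == "__main__":
    for attempt in replay(SAMPLE):
        print("captcha shown:", attempt)
```

Counting per account as well as per address matters because a dictionary attack spread across many addresses never trips the per-address limit.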

6. Obtain an SSL Certificate

If a website collects any kind of personal information, and especially if it asks for payment information from users, a website needs an SSL certificate from a trustworthy certifying authority to encrypt that data and give users peace of mind.

SSL certificates ensure that the data travels securely from a user’s browser to a website server.

The SSL certificates provided by SeekaHost use a 256-bit encryption key for maximum data protection.

Furthermore, an SSL certificate is also essential if a business is to comply with General Data Protection Regulation (GDPR) rules.

7. Perform Backups Regularly

The CrowdStrike rollback mechanism required a bespoke tool to get affected systems back on their feet, but in general, no tools are necessary – just a simple rollback to a backed-up save point will suffice.

In general, it is always good to perform regular backups so that a system can be rolled back to a restart point should an update go wrong.

SeekaHost performs regular backups of the data hosted on its servers – typically, these are carried out weekly or monthly.

The entire site and databases can be backed up and a handy zip file of the site emailed to the site owner to store locally or offline.

This version can be uploaded and restored via the website’s control panel should the worst happen.
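A backup only helps if it restores, so the downloaded zip is worth testing before it is filed away. The check below is an added example, not from the original article or from SeekaHost; the archive layout (a `.sql` dump next to the site files) and the function names are assumptions, and the sample archive is constructed in memory.

```python
import hashlib
import io
import zipfile
import zlib


def check_backup(data: bytes) -> dict:
    """Test a site-backup zip held in memory; report its hash and any problems found."""
    report = {"sha256": hashlib.sha256(data).hexdigest(), "files": 0, "problems": []}
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            corrupt = zf.testzip()  # re-reads every member and verifies its CRC-32
            if corrupt is not None:
                report["problems"].append(f"corrupt member: {corrupt}")
            members = [m for m in zf.infolist() if not m.is_dir()]
            report["files"] = len(members)
            dumps = [m for m in members if m.filename.lower().endswith(".sql")]
            if not dumps:
                report["problems"].append("no database dump (*.sql) in archive")
            elif any(m.file_size == 0 for m in dumps):
                report["problems"].append("database dump is empty")
    except (zipfile.BadZipFile, zlib.error) as exc:
        report["problems"].append(f"unreadable archive: {exc}")
    report["ok"] = not report["problems"]
    return report


def make_sample_backup(include_db: bool = True) -> bytes:
    """Build a tiny constructed backup so the check can run offline."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("public_html/index.html", "<h1>Shop</h1>")
        if include_db:
            zf.writestr("db/site.sql", "CREATE TABLE orders (id INT);\n")
    return buf.getvalue()


if __name__ == "__main__":
    good = make_sample_backup()
    damaged = bytearray(good)
    damaged[good.index(b"CREATE TABLE")] ^= 0xFF  # simulate one flipped byte in storage
    for label, blob in (("good", good), ("damaged", bytes(damaged)),
                        ("no database", make_sample_backup(include_db=False))):
        print(label, check_backup(blob)["problems"] or "ok")
```

Recording the SHA-256 at download time lets a later copy be compared against it before a restore.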

Closing Thoughts

The CrowdStrike episode was regrettable, but updates are inevitable and essential.

Always install updates when they become available. Most control panels and systems allow updates to be managed and scheduled so that they are deployed at a time convenient to the owner.

Updates can be downloaded and installed automatically, but to ensure more control of the update process they can be required to ask for permission before they get to work.