Why Are Small Businesses Websites Hacked?

Small to mid-sized, web-based businesses are often the number one target for hackers, why?…

  • Many small businesses are on shared servers. This multiplies the potential access points for a hacker to exploit.
  • Small to mid-size businesses usually don’t have an IT department that keeps server hardware and software up-to-date.
  • Website versions and plug-ins are often out-of-date and easily hacked.
  • Small to mid-size companies usually don’t have internal security practices, so passwords and access are easily compromised.
  • Small business websites are often built on common, open-source frameworks. These frameworks are popular to hackers because there are so many and the same weaknesses can be exploited across all of them.

Hacking is here to stay, so business owners should be proactive by taking the necessary steps to protect their website and customers from an attack.  Here are a few tips to help get you started.

Hackers are increasingly targeting small businesses due to the fact that many larger companies have invested heavily in advanced cyber security systems, making them more difficult to hack. Every day, Google identifies 9,500 websites infected with malware, 4,000 of which are legitimate.  That means that these are either innocent websites that have been compromised by malware authors, or websites that are built specifically for malware distribution and phishing. The presence of malware on a website triggers a warning on search engine results that every site visitor will see before they visit your website.

Typically, website owners learn they’ve been hacked when they see these browser and search-engine warnings, a sign they’ve been blacklisted, according to a survey by StopBadware, a nonprofit anti-malware organization.  A much smaller percentage of businesses are notified of the problem by one of their technology providers.


How To Prevent an Attack on My Small Business Website? 

For businesses trying to prevent a security breach or hack, we urge business owners to appoint an official ‘webmaster.’ A webmaster will look for the underlying weakness that could enable a hack.  Here are some best practices that your business should incorporate into regular website maintenance:

1. Sign up for Google Webmaster Tools

Google will send you notifications of malware infections immediately, sometimes before blacklisting occurs, so you can get a jump on managing malware and the damage to your website. Webmaster Tools also provides details about the problems and suggests ways you can repair your site.

2. Use strong passwords and keep them protected

Just about everyone knows they should use complex passwords to protect their privacy, but that doesn’t mean they do. Use strong passwords to your server and website admin area, and require strong password practices by your users to protect account security.

There are many password protection apps available.  One of them is LastPass, a password program that:

      • Performs a security check of all of your online accounts and identifies weak and duplicate passwords.
      • Generates new passwords for each account.
      • Saves each password so you don’t have to remember.
      • Enters the passwords for you when you visit each website.

3. Hire an expert

Make sure that your entire staff practices online hygiene such as strong passwords, checking for suspicious links and careful use of social media sites. If you need a second set of eyes, then seriously consider hiring an outside consultant to monitor your systems and websites. We can recommend several local 24/7 Los Angeles companies that monitor and support networks.

If you have a WordPress based website, another solution is to use Executionists’ WordPress Updater service. For a low monthly cost, we scan for security vulnerabilities, update plugins and frameworks and backup your data. Contact us for more information.

by admin
Posted: December 2, 2013