26 Nov, 2017

Website Anti Malware for Small and Medium Business – Myths Revealed

Learn how hackers use geolocation awareness, IP address awareness, and language awareness to hide malware on websites and how Quttera can help you detect and remove it.
ThreatSign users represent almost every industry out there. They are doing a great job, each in their own domain of expertise, creating products and services that change their clients' lives for the better. They include makers of assistive software that helps people with dyslexia and dysgraphia in their struggle to read and write, a biotech company researching new medicines, resort boutiques, healthcare services, and the list goes on.

When you run a customer-facing website, you must have the peace of mind to concentrate on marketing, customer support, website management, new content creation and other tasks to take your business to the next level. Business owners oftentimes don't have the time, enough expertise or budget (this is a myth, and we'll see this below) to protect their websites from malware, clean infected websites in a timely manner, monitor their websites for potential security threats and perform other essential security measures. When an actual attack succeeds it is critical to remove malware and fix security issues as quickly and accurately as possible in order to maintain business continuity.

In some cases, you will realize that your website was infected with malware in a day or two, or even immediately, when some of the following hacking symptoms occur:

  • Your website gets blacklisted by Google or Yahoo and visitors to your website see the Chrome (or Bing) warning window instead of your page content. If you use Google Webmaster Tools you would most likely receive a notification prior to that.
  • Your business's server gets hit with ransomware that locks your file system.
  • Visitors to your website get redirected to pharma sites (Malware/pharma hack), fake update downloads, fake updates for Flash and media players, etc.
  • Your hosting provider blocks your website due to malicious content being detected. In shared hosting, the problem is even bigger because if one website is hacked the others that share the same location are at potential risk.

However, in other website hacking incidents, your website might be infected with malware for quite a long time without you even noticing it. Our experts have removed malware that had been exploiting the victim websites for as long as 5 years.

Here are a few signs that your website has been infected with such malware:

  • Cloaking malware or geolocation-malware that is triggered based on the visitor IP or other data. One of our customers was contacted by his clients from the same country that reported an incident to him, while clients from other locations were not affected. Such malware can also target certain operating systems, web browsers, trigger by date/time, or other visitor specific parameters.
  • Blackhat SEO spam (also known as "Blackhat SEO", "SEO poisoning") injected into a website - when Google search results for your website shows content that is not associated with your website: pharma, adult, gambling, etc.
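
An added example (not Quttera's code or part of the original post): one way to check for the cloaking described above is to fetch the same page under several visitor profiles and compare which third-party hosts each response loads. The profile names, host names and HTML bodies below are constructed sample data standing in for already-captured responses; triggers based on visitor IP or geolocation additionally require fetching from different network locations.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

class _ResourceCollector(HTMLParser):
    """Collects the hosts of scripts, iframes and meta-refresh targets."""
    def __init__(self):
        super().__init__()
        self.hosts = set()

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        url = None
        if tag in ("script", "iframe"):
            url = a.get("src")
        elif tag == "meta" and (a.get("http-equiv") or "").lower() == "refresh":
            # content looks like "0; url=http://host/path"
            _, _, target = (a.get("content") or "").partition("=")
            url = target.strip(" '\"")
        host = urlparse(url).hostname if url else None
        if host:  # relative URLs have no host and are first-party
            self.hosts.add(host.lower())

def external_hosts(html, site_host):
    """Third-party hosts a page pulls content from or redirects to."""
    collector = _ResourceCollector()
    collector.feed(html)
    return {h for h in collector.hosts
            if h != site_host and not h.endswith("." + site_host)}

def cloaking_diff(responses, site_host):
    """responses: {profile: html}. Returns hosts that only some profiles receive."""
    if not responses:
        return {}
    seen = {name: external_hosts(body, site_host) for name, body in responses.items()}
    common = set.intersection(*seen.values())
    return {name: sorted(h - common) for name, h in seen.items() if h - common}

# Constructed responses for one URL on the hypothetical site "shop.example".
CDN = '<script src="https://cdn.example.net/app.js"></script>'
SAMPLE = {
    "desktop-en": "<html>" + CDN + "</html>",
    "mobile-en": "<html>" + CDN + "</html>",
    "desktop-de": "<html>" + CDN
                  + '<iframe src="http://ads.injected.example/x" width="0"></iframe></html>',
    "search-referer": '<html><meta http-equiv="refresh" '
                      'content="0; url=http://pills.injected.example/">' + CDN + "</html>",
}

if __name__ == "__main__":
    print(cloaking_diff(SAMPLE, "shop.example"))
```

A host that every profile receives (the CDN here) is treated as normal; only hosts served to a subset of profiles are reported for review.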

The well-being of your company or business can be affected by malware of any type. Let's take some vital components that form the foundation of each successful online business.

Reputation
Phishing damages your reputation and customers will think twice before visiting your site again. Hidden malicious iframes will associate your website with dangerous and potentially illegal content.

Organic Search Improvements and Efforts
Blackhat SEO can ruin your organic search positions through poisoning techniques. Hackers use your website's top search results in Google, Yahoo or other search engines, and its popular pages, to hijack the authentic links and redirect visitors to scams such as online casinos, pills/pharma sales, etc., as in the example we covered in our Blackhat SEO spam injection post.

Paid Search and Display Ads Campaigns / Pay Per Click (PPC) Ads Campaigns
A blacklisted business website, or a website blocked by your web host, means that you wasted your budget with no results.

Now let's get to the cybersecurity myths themselves.

Website Malware Solutions for Small & Medium Business - Cybersecurity Myths
Quttera has been providing website security for the small and medium business market since 2005. We have been removing all possible kinds of malware from our customers’ websites. ThreatSign’s incident response team has handled numerous hacking remediation cases to help businesses recover from ransomware, spam, pharma hacks, backdoors and other kinds of malware. With the rise of content management system (CMS) platforms, big data, and “websites with a click” solutions, it is much easier to get online and start legal or illegal activities. The ThreatSign support team processes hundreds of requests on a daily basis, and we have learned that there are misconceptions or even myths about website anti-malware and cyber security. We have organized the most common ones into a few categories:

Myth 1: “My business is not big and it is a niche one so my website is not a profitable target for the hackers.”
Reality: The majority of hacking attacks plant malware on websites using automated tools and frameworks. One good example is a big spam campaign that involved 4000 unique IPs. The hacker’s profits grow with each infected website added to the malicious network, also called a botnet. With approximately one-third of websites powered by popular open-source CMS platforms (WordPress, Joomla!, Drupal and Magento), an unpatched vulnerability in their code exposes thousands of websites to malware and other cyber threats. Once hackers discover such security vulnerabilities, they leverage them to launch automated cyber-attacks on websites regardless of their content or popularity.
According to Quttera's Annual Website Malware Report | 2016, the following vulnerabilities have been filed against top 6 Content Management Systems (CMS):

Myth 2: “I don’t need website security monitoring because there is no malware on my site. I will buy a one-time malware cleanup for my website when it is compromised in the future.”
Reality: There are no 100% hacker-proof websites or security solutions. The best strategy to protect against web malware is to establish efficient cybersecurity risk management, checking your website for malware and any suspicious content both periodically (automated monitoring) and on demand. You save far more resources, time and budget when you detect suspicious activity before it ends in massive infection and blacklisting of your website. This is especially true for eCommerce websites and online shops, where your customer data is at risk and every day that your site is offline due to malware is a loss of profit.
One-time malware cleanup is useful for a short period only, since it just postpones the next malware incident. That's because current websites are dynamic and their content changes constantly due to:
  • new plugins being added (malware in free WordPress plugins and themes are one of the common sources of attacks on CMS-based sites)
  • CMSs have unpatched vulnerabilities
  • Comments sections are usually allowed
  • Authorization for membership management, etc.
This is a highly risky and dangerous approach to website security since the impact of hacking in such cases might even be irreversible.

Myth 3: “A big team of security experts and IT professionals is required to handle website malware issues. We don’t have a budget for that.”
Reality: In the era of cloud computing, big data and APIs, web security can now be provided in the Security as a Service (SECaaS) model. ThreatSign website anti-malware services like server-side malware scanning (FTP/sFTP), client-side malware scanning (HTTP/HTTPS) and other security components do not require local installation or maintenance. ThreatSign runs in a distributed cloud environment and is capable of covering malware monitoring for big data, web hosting, and of course small and medium business needs. You manage your monitored websites through a web-based dashboard UI and can access them from any device and location. You get malware scan reports for each monitored website emailed to you. With a click, you can request malware cleanup and remove your website from the blacklists of Google, Yahoo, Norton, and any other authority lists. You can set up DNS/IP monitoring, uptime monitoring and much more. All this would cost you a fortune with an in-house IT department. Compare that with the prices of ThreatSign annual anti-malware subscriptions for websites to see how much budget you save.

So What’s the Best Anti-Malware Strategy for Your Business?
A secure and trusted website plays a vital role in the success of your business. Let’s list some of the key benefits a malware-free website brings to your business.

From the operational perspective: potential employees can find a job at your company through your website. You can manage your staff or perform any other tasks to operate your business through your website.

From the sales perspective: your website is what brings in new clients and maintains existing ones. It helps you to present your unique brand identity and establish your reputation in the market. Some local restaurant owners say that their annual sales turnover through their websites is over $2 million.

All those benefits are worth protecting, because your website can also cost you your reputation and impact sales if you fail to manage cyber security risks and outages correctly and on time. That said, hacking should not be a reason to avoid hosting an eCommerce site or your own website. As a business owner, you can employ website anti-malware protection easily while still enjoying the benefit of selling online.

At ThreatSign we make sure your business's website is malware-free so that you can concentrate on what you do best. As a comprehensive anti-malware SaaS platform, ThreatSign runs all essential cyber security tasks in remote mode without involving any of your staff or resources. This includes:

  • Website anti-malware scans (monitoring) - both internal (server-side malware scanning) and external (client-side malware scanning) as well as providing comprehensive reporting on the security status of the website
  • Website blacklisting monitoring - checking website URLs on blacklisting sources to make sure they are not blocked
  • Website uptime monitoring - we monitor your website uptime and alert you when your website is down and when it is up again
  • Hacking remediation & malware cleanup - we clean up all malicious code injected into your website applications, file system and databases, restoring your website to online status
  • Blacklisting resolution & warning removal - we work with search engine vendors and antivirus companies in order to remove your site from blacklists
  • DNS/IP monitoring - we ensure that your business website DNS records are not compromised and that the website URL leads visitors to the proper location
  • Website hardening - we prevent the reinfection of your website by providing a complete audit of the website files, missing patches, configuration best practices, etc.

Join thousands of businesses protected by ThreatSign, start securing your websites and choose a website security plan that fits your needs. If you’re not sure which plan to select, contact us and let us help you to choose the best cyber security protection for your business.

  • MICHAEL NOVOFASTOVSKY
    Co-Founder & CTO of Quttera. Michael has designed and developed a Malicious Content Detection System - the core technology of all of the company's products. Michael has almost two decades of experience in developing software. His interests range from Linux kernel, software development, application firewalls (WAF), vulnerability exploits, analytical & machine learning algorithms, data mining, malware research and network security.