A bunch of data flows forward and breaks a shield thus breaching security

Every website is attacked by malware, ransomware, and phishing sites on a daily basis. Large businesses have experienced technicians who are in charge of preventing these attacks from becoming hacks, so the attacks are of little concern to them. However, small businesses have less money, few (if any) technicians, and rarely any security programs. So what’s the chance of your small business’ website getting hacked?

The Numbers

The security firm SiteLock reports that small business websites get attacked 44 times a day. Of course, not all of these attacks lead to infection, but their studies showed that as many as 18.5 million sites are infected with malware at any given time.

If you’re one of the many small businesses using WordPress as your CMS, be aware that the popularity of the program makes it a huge target for hackers. Running plugins on your site makes you especially susceptible – one to nine plugins make your site twice as likely to get infected by malware, and twenty or more plugins make your site four times as likely. The reason is that although many businesses update the WordPress software regularly, they generally don’t update their plugins. Newer versions of software are usually less vulnerable to infection.

What is Ransomware?

Ransomware is a means for attackers to ransom your website’s data. They encrypt the data and tell you that they won’t decrypt it unless you pay them a certain amount of money. A typical ransom is about $300, but that usually increases significantly if the hacked site has sensitive information. For example, the ransom for a healthcare site that holds patient information will usually be much higher. In February of 2016, the Hollywood Presbyterian Medical Center was a victim of ransomware. They ended up having to pay $17,000 to get their data back. In the same month, a South Carolina school was forced to pay $8,500 to get their data decrypted.

What Can I Do to Prevent a Cyber Attack?

Without a team of technicians and cyber security professionals, it’s nearly impossible to completely eliminate your site’s chance of getting hacked or infected. However, there are some steps that you can take to mitigate the risks:

  • Software updates: Make sure that you’re regularly updating your plugins, themes, and CMS software.

  • Avoid spam attacks: Inform your employees of what to look out for in terms of spam. Making sure that they don’t click suspicious links will reduce the chances of easily-avoidable hacks. Let your employees know that it’s always okay to ask if an email is safe to open.

  • Back up data: If your data is backed up, you can often restore it without having to pay the ransom that ransomware attackers demand. It also makes it quicker and easier to restore your site after a malware attack.

  • Invest in security programs: You may not have any security programs in place yet, but these are a must. Antivirus software like Norton will greatly reduce the chance of you or your employees encountering infectious links or phishing sites. Website security software will protect your site from malware and ransomware. Remember that both the server the website is hosted on and the site’s content management system must be protected. Software solutions like SiteLock or Securi do a good job protecting the site’s hosting platform, but don’t forget to add a security and intrusion prevention plug-in like WordFence to your CMS as well.