The level of the digital security landscape awareness by small businesses is much better than it used to be. This increased awareness has also led cybercriminals to adapt, including launching stealthier methods of attack.
2019 Cybersecurity Statistics
The SiteLock 2019 Website Security Report says these criminals now focus on quieter attacks. But that doesn’t mean they have decreased, because attacks increased by 59% for 2018. And by December 2018 the number of attacks peaked at 80 per day, with an average of 62 for the whole year.
For small business owners, the goal is to continually stay informed and make it as hard as possible for hackers. In the report, SiteLock said the goal of this analysis was to, “Help website owners understand today’s attack surface, enabling them to make educated and proactive decisions about their website security in the future.”
The report looks at attack patterns and risk factors, web code vulnerabilities, and malware types. It also covered the move to stealthy attacks by cybercriminals.
More than 330 bots carried out the average of 62 daily attacks in 2018. These attacks resulted in a consistent 1% rate of infected websites.
One percent seems small. But it translates to 17.6 million websites globally at any given time. Still, SiteLock reports security solutions have become more effective. And this especially applies to defending against high-volume and sophisticated attacks.
Take a look at the SiteLock infographic below.
The SiteLock analysis looked at three types of common vulnerabilities in 2018. These include cross-site scripting (XSS), SQL injection (SQLi), and cross-site request forgery (CSRF).
WordPress, Joomla!, and Drupal now make up 38% of the sites on the internet. So most small business owners use these CMS platforms. And all three can prove vulnerable to cyber threats without an experienced developer.
The CMS sites are vulnerable even with the latest patches. SiteLock recommends teams to prevent vulnerabilities by implementing a holistic website security strategy.
More data in the infographic below.
Launching the quite or symptomless attacks allows the criminals to view, modify, or steal content and data from its victims’ websites without increasing any awareness. SiteLock says this is a departure from the previous way of doing things for hackers.
Malware-infected website is another growing danger but owners assume a search engine will inform them of this fact. The report says only 15% of malware-infected websites are blacklisted. This leaves the vast majority or 85% anonymous.
Take a look at what malware are attacking.
Stay Ahead of the Game
If there is one constant in the digital ecosystem, it is the relentless attacks by hackers 24/7. At the end of the day, if someone wants your data bad enough they will eventually get it. But for the vast majority of small business owners, being proactive with some strong precautions is enough.
The advice from SiteLock is invaluable because understanding the threat landscape is key to taking preventative and follow-up actions
SiteLock recommends proper cyber hygiene and a proactive website security plan so you can ensure your cybersecurity strategy. This will confirm it is effective and your website remains secure in 2019.
Creating an effective security strategy starts with the SiteLock 2019 checklist:
- Choose strong passwords and unique usernames
- Use an inside-out malware scanner that scans daily and automatically removes malware
- Implement a website application firewall to block malicious traffic and attacks
- Conduct quarterly website audits and file review for unusual file names or content
- Remove outdated and unused plugins
- Use a tool that automatically patches vulnerabilities in applications, plugins, and themes
- Select open-source applications based on security factors, such as date of the last update
- Offer ongoing company-wide cybersecurity training
The SiteLock 2019 Website Security Report analyzed more than 6 million websites. The goal of the analysis was to determine which were the most widespread threats facing websites today.
The company used proprietary algorithms and technology to both identify the top risks and emerging trends in 2019.
Please download the full report here and read it.
More in: Cybersecurity