(The Hosting News) – SiteLock LLC (www.sitelock.com) the global website protection company that protects more than 700,000 online businesses, today released a report which provides clear evidence that small businesses are now squarely in the sights of hackers.
SiteLock scans hundreds of thousands of small business websites every day in search of a variety of vulnerabilities. In just the month of April 2013 alone, the company identified between 5,000 and 10,000 small business websites every single day, mainly in the U.S., that had serious security vulnerabilities that could be or already had been exploited by hackers.
“Our daily scanning for a wide variety of security vulnerabilities confirms that not only are small business websites exposed to serious risks, in many cases these vulnerabilities have already been discovered and exploited by hackers,” according to Neill Feather, President of SiteLock. “Small business owners need to understand how website risks are business viability risks, and should be addressed with urgency.”
In any one day, SiteLock finds an average of 7,000 to 10,000 small business websites with serious vulnerabilities, and nearly half of those sites have already been hijacked and have malware installed. This malware is typically planted by hackers using automated tools to identify vulnerable websites. The malware is then used to infect visitors to those websites, send phishing e-mails, infect other computers, and even attack other websites through Distributed Denial of Service Attacks.
“My web site was being hit all the time, costing me up to $30,000 every time. Not to mention how many customers I lost,” said A.G., a SiteLock customer who doesn’t want to be identified for fear of retaliation. After losing more than $300,000 to web site attacks and malware that resulted in blacklisting by search engines, he turned to SiteLock for help. “I had no idea the damage malware could do to my web site. Since I started using the SiteLock website firewall, I haven’t had a single security incident.”
SiteLock’s report comes on the heels of other studies which found that nearly a third of all cyber-attacks in 2012 were targeted at small businesses, nearly double the previous year and a very worrying trend.
The Top 3 most common security issues discovered by SiteLock were:
- Cross-Site Scripting
- SQL injections
Malware that hides on websites to infect visitors is known as a drive-by download, and in January 2013 the European Network and Information Security Agency (ENISA) identified the drive-by download as the number one cyber threat worldwide.
“A website is a valuable asset, but an unprotected website is a vulnerability that small business owners can’t afford to ignore,” said Neal O’Farrell, an expert on small business cybersecurity and an advisor to SiteLock “Not only are they exposing their livelihood and their customers to serious risk, they also create a national security risk by providing a platform for malware to spread to other computers and users and even potentially attack the nation’s infrastructure.”
SiteLock is a global website security technology and services leader, protecting more than 700,000 online businesses. SiteLock finds, fixes and helps prevent malware and other threats from affecting websites and their visitors. As a member of a number of cybercrime awareness and prevention associations, including the Anti-phishing Working Group (APWG), the Online Trust Alliance (OTA) and StopBadware.org, SiteLock continually strives to educate the small business market about the risks to their websites and help prevent them.