Over the years since the internet has come to dominate the technology and business landscape, I’ve often compared the growing tide of malware and general bad behavior found online to pollution. Like its physical manifestation, the source of internet pollution can’t be tied to a single cause or factor or even several of them. The rising tide of malware, spam, cybercrime, and even fake news is caused by a relatively small group of ignorant, mercenary or even outright malicious agents, but because of the way the internet works, there are few practical ways to stop it from spreading everywhere. If you imagine that the internet is the ocean, this stuff is a gigantic oil spill, illegal toxic waste dump and six-pack rings spreading everywhere.
And your website is soaking in it.
Most of us access the internet like we tap our water supply – through (more or less) filtered pipes connected to the main source. Just like I wouldn’t recommend drinking your water straight out of a lake or stream without some filtering, accessing the internet without proper protections is asking for a nasty infection. But have you considered the chilling fact that your website is out there, right now, braving the internet without a hazmat suit? According to at least one internet security company, over half of all website traffic is generated by bots, and more than half of that traffic is malicious. More importantly, they found that for the smallest, least trafficked websites (0-10 human visitors per day) had the highest percentage of non-human traffic, and because they were less visible and more likely to be unattended, they were more likely to be attacked and successfully compromised. Does that sound like a website you know? Maybe your own website? On average, C2’s webserver is attacked several hundred times a day, and, let’s face it, compared to the rest of the web, we’re at the very low-end of the traffic scale.
As to why anyone would attack a site that isn’t visited that much? A compromised website has many uses, many of which actually require that attention not be drawn to the compromised activities occurring on your very own internet island. This allows the attackers to leverage your site’s computing and broadcasting power (however small), essentially drafting it into a massive mesh of zombified soldiers that aren’t limited by a workplace or home firewall. And there are a ton of low-traffic websites. It’s the internet-version of the age-old question of, “Which would you rather fight?” One massive, infected website, or a million tiny, but infected, websites?
Unless you are a skilled website administrator, securing your site isn’t trivial. Definitely leave it to the professionals, but don’t leave it undone. Your website is floating in polluted waters, and unless you take necessary precautions, your little bit of internet paradise might end up looking like the picture attached.
Image courtesy of Sujin Jetkasettakorn from FreeDigitalPhotos.net
If you thought you had data breach fatigue, prepare to be exhausted this week:
- Hacker tries to scam Internet with fake DropBox password database – DropBox refutes the claim, noting the “proof of hack” provided consisted of known stolen passwords from other sources.
- Kmart Hacked – Undisclosed Quantity of Credit Card Numbers Stolen – Sears-owned retail outlet may have been a victim of known point-of-sale malware “Backoff”, says no identity info stolen, just credit and debit card numbers.
- SnapChat denies it was source of potential racy photo leak – Third-party addon app “SnapSaved” blamed for providing an avenue for hackers to save pictures from SnapChat. SnapSaved admits to security breach, but downplays claims that hackers could provide a “searchable” database of photos.
- NATO Summit Gets Breached by Russian Hackers – Hackers whom security analysts believe to be Russian exploited a Zero-day flaw in Windows operating systems through a spearphishing campaign targeting Ukrainian government workers, leading to breaches on government servers and probably information leaks from Summit proceedings.
- Google Documents Flaw in SSL 3.0 Protocol – Google documents a serious flaw in encryption protocol SSL 3.0, immediately removes it from Chrome web browsers. Though outdated, SSL 3 is still widely used as a fallback protocol when newer protocols fail to function.
- 850K Records Exposed in Oregon Employment Dept Website Breach – State-run website exposes personal information on hundreds of thousands of job seekers. No financial information was exposed, but leaked info could lead to identity theft.