February 25, 2017

Latest Stories:

Brain Sentry -

Thursday, September 3, 2015

The Chicago Bears -

Tuesday, September 1, 2015

SpaceX -

Wednesday, August 26, 2015

Duncan YoYo -

Tuesday, June 9, 2015

The Childproof Container -

Tuesday, May 12, 2015

Dick’s Sporting Goods -

Thursday, February 26, 2015

Smule -

Thursday, February 5, 2015

Ernest Holmes Towing -

Thursday, February 5, 2015

Deep River Snacks -

Thursday, January 29, 2015

7-Eleven -

Wednesday, January 28, 2015

Weed Eater -

Wednesday, January 14, 2015

Fleurville -

Sunday, January 4, 2015

Green Screen Animals -

Thursday, January 1, 2015

CLYNK -

Tuesday, December 30, 2014

Birds Eye Frozen Foods -

Tuesday, December 30, 2014

Entrepreneur Spotlight: Izze Beverage Co. -

Monday, December 8, 2014

Izze Beverage Company -

Thursday, December 4, 2014

CuteTools -

Thursday, December 4, 2014

NCR Cash Registers -

Wednesday, December 3, 2014

David Barton Gym -

Monday, December 1, 2014

Small Business V. Hackers

Is it just me, or is the world ending? Hackers recently took down the CIA website and broke into the United States Senate’s public. Last month it was Sony’s Playstation network. Before that it was the still-at-large group of rogue hackers known as Anonymous.

Hackers have been around for as long as there have been computers and networks to hack. But the problem seems to be escalating. More and more high profile networks and databases are being compromised. All the more troubling is just how much of our personal information some of these databases have, often without our realizing it. Online privacy is almost an oxymoron these days.

Individuals are always at risk. To be alive in the world today is to have information about you floating around somewhere in cyberspace. Things like cyber-terrorism and identity theft have been scaring purple-haired old ladies for over a decade. But what about Small Businesses? Hackers want credit cards from people, and long lists of confidential data from big corporations, right? What would they want with your small business site?

The answer is complicated. There are plenty of reasons your site might get hacked, and it may have nothing to do with your business. But part of the answer is a matter of simple logic: Small business sites often have less security precautions in place against hackers, and are therefore more vulnerable to such exploits.

USA Today recently reported a new kind of attack that a lot of small business websites are falling prey to. It’s an updated version of “popular style of attack known as mass SQL injection, the most prominent recent example of which was the so-called Lizamoon attack last March that corrupted an estimated 5,600 websites, according to Google researcher Niels Provos.”

What the attack does is insert malicious java script code deep into a company’s site. The code does a couple things: it downloads malicious programs to your computer–and unlike the popular “trick you into downloading spyware” method, this one doesn’t need your permission. Secondly, it serves up more malicious code to new sites that are infected by the attack. So these sites are never communicating with “blacklisted” websites–a dead giveaway that there’s some sort of viral infection going on. Instead, they’re communicating with other, infected, reputable websites. Until, of course, Google discovers your site is serving up malicious code and blacklists it, at which point, your website is banished from the search engine. Pretty ugly, right?

Security firm Amorize calls these attacks “mass-meshing.” Amroize estimates that anywhere from 20,000 to 30,000 such sites may be infected. They’ve “released a sample list of 700 websites thusly corrupted by the attackers, of which only 20% have been detected and blacklisted by Google based on this particular attack.” None of the sites are getting the kind of traffic that the recent barrage of high-profile cyber attacks have been targeting. Instead, they’re smaller sites like fashionwatchesjewelry.com and greener-gardens.com. DO NOT GO TO THESE SITES. The mere act of going to them will get you infected, according to Amorize’s chief technical officer Wayne Huang.

So what can you do about it? According to USA Today:

At the moment, there is not much the average small or midsize business owner can do to defend against this wave of mass-meshing attacks. It’s not trivial for a non-technical website owner to determine if his site is infected, nor is cleaning up simple.

And to add insult to injury, the mass-meshing attackers are equipped with tools that can quickly re-infect any website that was cleaned.

If you suspect your web site is corrupted, Huang advises changing the administrator password for the site.

Bummer. But, believe it or not, this isn’t a call for general panic. It’s to make you aware of the kind of risks you face as a small business owner and operator. While this latest and greatest threat may be, for now, unpreventable, there are a number of precautions you can take against the many cyber-threats that are out there.

Earlier this year, Intuit laid out a list of ten ways to protect yourself, and your site, from hackers. Among them are: Only allow routine attachment types (#5), Purchase a business class router to protect your company’s internet connection (#7), and create a regular backup of files, then store them securely offsite (#8). Some of these ideas may just seem like common sense, others may seem like unnecessary precautions. But common sense and precaution are the two things that just may save you from the time-consuming, unwelcome task of recovering from a cyber attack. Remember: small and midsize businesses are not immune to hackers. In many cases, they’re more vulnerable to them than the bigwigs.

The internet is rife with advice for preventing or detecting hacker invasions. I strongly advise that you take some time to brush up on the latest threats, and how to protect your company from them. While it may seem like a pain in the butt, it pales in comparison with the clean-up required after-the-fact.

I’d like to remind you that, within the last year, this very blog was hacked. There were a number of highly exploitable weaknesses in our security, and a hacker managed to easily sneak in and temporarily commandeer the site. It was difficult, but it could have been a lot worse. We were able to recover our site and then put into effect some added security precautions. I consider us lucky that we were able to recover from the attack with relative ease. Some of the more malicious attacks can be virtually irreversible.

The smartest thing you can do is take action before there’s a problem. Make sure all of your systems have up-to-date antivirus software installed, and keep abreast on the latest threats. You’ll thank me later.

To finish things off, watch this YouTube video to learn an interesting technique you can use to make sure that you aren’t unwittingly hosting spam links on your website. A lot of the time, links like this can be hidden deep within your site, and unless you are regularly inspecting every inch of code, you might miss it.

 

Thanks for reading. Stay safe. Oh, and follow Why Didn’t I Think of That?® on Facebook.  :)

Related Posts:

  • https://www.facebook.com/SeoBacklinksTraffic/posts/326746014094768 seo link

    Great site you have here but I was wanting to know
    if you knew of any community forums that cover the same topics talked about here?
    I’d really love to be a part of online community where I can get feedback from other experienced individuals that share the same interest. If you have any recommendations, please let me know. Thank you!

  • |casinos|casino spiele|roulette online|no deposit bonus|Online roulette|roulette spielen|casino spiele kostenlos|casino club|online casino bonus|casino no deposit|spielautomaten online|freeonlinegames|casino spielen|europa casino|spielgeld casino|vegas ca

    If sοme one wishes expеrt view about blogging and site-buіlding after that i
    recommend him/her tо go to seе this blоg, Keeρ
    up the fаstidiοus ϳоb.

  • https://www.facebook.com/SeoBacklinksTraffic/posts/563966566958980 get more youtube video views

    My developer is trying to persuade me to move to .net from PHP.
    I have always disliked the idea because of the costs. But he’s tryiong none the less. I’ve
    been using Movable-type on a variety of websites for about a year and
    am worried about switching to another platform. I have heard great things about blogengine.
    net. Is there a way I can transfer all my wordpress posts into it?
    Any kind of help would be really appreciated!

  • http://www.courtyard-inn.com/tony-hortons-ten-minute-trainer-overview/ 10 minute trainer reviews

    What Is A Beach Body Diet regime And Is This A Beachbody Product:
    ten Minute Trainer Today exercising is extremely critical
    in our lives. This approach combines different physique group
    exercises into straightforward and effective workouts that burn
    fat, create muscle, and operate core muscles all in one particular
    action. These will certainly improve the muscles on the distinct places that they concentrate into.
    Very best of all It’s only ten minutes. The first is in terms of its target audience.

  • http://bitcoinbasics.com/node/5318/ http://tabdig.org

    You actuаlly make it ѕееm ѕo easу wіth уοur presentatіоn but ӏ fіnd this matter tο bе aсtuаlly ѕomething that I think I wοuld nеver unԁerstand.
    It sеems too complіcated and veгу bгοad foг
    me. I am lοokіng fоrward fοr your next post, I’ll try to get the hang of it!

  • Pingback: 2013 at 12:23 pm()

  • Pingback: architect chair()