With no website and only two employees, this New York micro startup thought they were safe.
Cyber attacks can include malware, ransomware, phishing, distributed denial of service (DDoS), man-in-the-middle (where an attacker masquerades as your company), and other hacks that exploit vulnerabilities in your system, whether or not you have a website. In the case of the startup, the hackers attacked their online payment system.
According to Positive Technologies, cyber attacks increased 47% in just one year (2017 to 2018); the number one motivation was gaining access, followed closely by financial profit. More than half the attacks targeted companies, as opposed to massive attacks on individuals.
The Wall Street Journal interviewed the owner of the startup. Hackers had run 100,000 stolen credit card numbers through their system for $1 charges to determine whether the numbers were still valid (a common ploy).
Although the business owners alerted their bank to the problem, because they hadn’t installed sufficient fraud protection services to prevent such activity, they were ultimately held responsible. Before the attack ended, thousands of fraudulent transactions had gone through successfully. Each was reversed and garnered a $25 chargeback fee – totaling a $27,000 bill. The startup went out of business.
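The pattern in this incident, many different card numbers pushed through one payment system for tiny charges in a short time, is the kind of activity a simple velocity check can flag. The sketch below is an added example, not code from the startup or any payment provider; the transaction fields, the `source` identifier (for example a client IP or API key), the thresholds and the sample data are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds; tune them against your own normal transaction volume.
WINDOW = timedelta(minutes=10)
MAX_SMALL_AMOUNT = 2.00    # card testers use tiny charges such as $1
MAX_DISTINCT_CARDS = 5     # distinct cards allowed per source inside WINDOW

def detect_card_testing(transactions):
    """Return {source: time of first alert} for sources that push too many
    distinct cards through small charges within WINDOW.

    Each transaction is (timestamp, source, card_token, amount), sorted by
    timestamp. card_token is a processor token or hash, never the raw number.
    """
    recent = defaultdict(deque)          # source -> deque of (timestamp, card)
    alerts = {}
    for ts, source, card, amount in transactions:
        if amount > MAX_SMALL_AMOUNT:
            continue                     # ordinary purchases are not counted
        window = recent[source]
        window.append((ts, card))
        while ts - window[0][0] > WINDOW:
            window.popleft()             # expire events older than WINDOW
        distinct_cards = {c for _, c in window}
        if len(distinct_cards) > MAX_DISTINCT_CARDS and source not in alerts:
            alerts[source] = ts
    return alerts

def build_sample():
    """Constructed sample data: one card-testing source, one ordinary customer."""
    start = datetime(2024, 1, 1, 12, 0, 0)
    txns = []
    # 203.0.113.7 (documentation address range) tries a new card every 20 s.
    for i in range(12):
        txns.append((start + timedelta(seconds=20 * i), "203.0.113.7",
                     f"card-{i:03d}", 1.00))
    # A regular customer: the same card, three small purchases over an hour.
    for i in range(3):
        txns.append((start + timedelta(minutes=25 * i), "198.51.100.4",
                     "card-900", 1.50))
    return sorted(txns)

if __name__ == "__main__":
    for source, ts in detect_card_testing(build_sample()).items():
        print(f"ALERT: possible card testing from {source} at {ts.isoformat()}")
```

In practice an alert like this would feed a block, a CAPTCHA challenge or a manual review step before thousands of charges go through.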
How can you protect yourself? Here’s how to identify a cyber attack, especially on your website:
- Unusual password activity, such as a notification that a password has been changed without your permission. Compromised passwords may indicate an SQL injection (SQLi) attack, which can also be detected by modifications to posts and comments or a disconnected CMS.
- Slower than normal network speeds, often an indication of malware or a hacking attempt.
- Replacement of your website content with the hacker’s logo, content, or images—this is called defacement.
- A demand for payment to return your encrypted files—this is called a ransomware attack. About 22% of small businesses experienced ransomware attacks in 2017 according to one research report.
- An increase in load time or an actual crash. This is a DDoS attack, caused by a flood of illegitimate traffic.
- Several problems at once (for example, new files, high bandwidth, and disappearing images), indicating a backdoor attack.
- The appearance of malicious ads on sites you regularly visit—this is malvertising. Make sure ads are consistent with your business and search history.
- Unusual links on your site and a sudden drop in traffic. The cause may be SEO spam, which redirects your traffic to another site.
What you can do:
Never shrug off a change in performance by your payment processor, website, blog, profile, or other online activity. Websites are not the only entry point for those determined to steal information and money from small businesses – or cost them, in chargebacks, noncompliance fees, loss of reputation, and loss of customers. If you need help safeguarding your system or determining if it has been compromised, contact our experts here.