Small businesses beware: hackers have you on their radar screen in a big way.
While cyber espionage and high-stakes hacks grab the headlines, internet thieves have turned their attention more and more frequently toward small organizations. The encouraging news is that you can protect your WordPress website with a few simple steps:
1. Recognize that the threat is real…and growing.
Mainstream media shine their spotlight on dramatic hacks that breach high-profile organizations and/or compromise vast amounts of data. Headliners include breaches against the Democratic and Republican National Committees, the White House, and the federal Office of Personnel Management. The OPM hack exposed the personal data of 22 million people.
Meanwhile, 43% of worldwide cyber attacks last year were against small businesses with fewer than 250 employees. That’s a giant leap from 2011, when small companies suffered only 18% of cyber attacks.
If these statistics sound ominous, take heart. The number one reason that small business sites attract cybercriminals is the owners’ lack of awareness. This means that once you recognize the serious threat posed by hackers, you’re well on your way to solving the problem.
2. Understand that it’s nothing personal.
Why would a hacker single you out from the 28 million U.S. small businesses? For the same reason a carload of bored teenagers choose a neighborhood for their destructive game of mailbox baseball: opportunity.
Those kids have nothing against the families–or the mailboxes–that line the road. The players simply cruise for a prime location until they find a quiet, out-of-the-way spot.
Similarly, hackers use bots to crawl the internet, sniffing for vulnerable websites. Since WordPress powers 25% of the internet, those sites make rich hunting grounds.
These aren’t directed website attacks, where cybercriminals handpick a target (the White House, OPM) and set about breaking down its defenses. Small businesses are most often the victims of undirected attacks, where hackers simply wait until an automated script turns up a vulnerable website. Your blog’s popularity matters not a wit. Neither does your site’s traffic volume. If a bot sniffs out a vulnerability, you’re on the hacker’s radar.
If you think your site contains nothing of value to a cyberppunk, please think again. Hackers poke around for treasures such as:
– Banking information to access your account.
– Employees’ personal data.
– An opening for “drive by downloads” that infect your visitors’ computers.
– Login information for your vendors’ sites. Remember that hackers penetrated Target’s system using login information from the retailer’s HVAC vendor.
3. Keep your WordPress plugins up to date.
Internet security experts report that out-of-date plugins are the most common way for hackers to access a WordPress site. A plugin is a piece of software that adds functionality to your site. Developers work constantly to close any vulnerabilities. That’s why keeping plugins and other WordPress files up to date is the best way to deter hackers.
The challenge for many entrepreneurs is their perpetually overloaded to-do list. It’s an ongoing, often weekly task to keep up with plugins and other software updates. Spring Insight is happy to help with our new Maintenance Program. For one affordable monthly fee, we keep your WordPress plugins and files up to date while you take of business. We’ll also serve as your expert resource if things go awry. Contact us today to find out how we can help.
It’s an easy way to deter cruising hackers from vandalizing your mailbox–and all your other precious data.