Website safety is a key word which is searched 200 times less in Poland than in other countries. Does it mean that polish websites are less exposed to hacking? Definitely not.
Worldwide losses caused by hacking into companies’ systems are shaped from 375 to even 547 billion dollars annually (source: POLITYKA 27/2015). To compare – Apple had 52 billion income in the last fiscal year – which adequately presents the scale of the problem. In the times when even modern technology bulbs, energy meters and cars are connected to the Internet and blinds and sprinkles are controlled via smartphones – more and more elements of our lives and exposed to hacking.
During Kaspersky Security Analyst Summit conference a well know industrial, medical and aviation systems, safety specialist said: ‘Remote access changes the risk model. Frankly speaking, I don’t think we can trust the producers of those devices (…) they don’t know the terms such as SQL attack injection or buffer overflow. It’s a huge asymmetrical. The knowledge of the attackers is vast, contrary to the group who is supposed to protect the systems’. Although the communicate was directed to the owner of recently hacked car wash owner, it should concern every owner of a website too.
The aim of the attack is not only data robbery, the motivation can be just boasting about the next system burglary among the group of hackers. We never know if the person who hacked our website is not going to use the client or user database. Distribution of confidential information will reflect on our company reputation and reliability.
To avoid being hacked like for example national institutions, schools, universities, restaurants or accounting offices, every website owner or administrator should care about website security. It is worth mentioning that 5 of the above cases were hacked in 9 days. Only on one of the hackers’ forums without any problem a base of 197 other websites hacked in the same period can be found. Majority of them showed threatening information in Arabic, but nothing could prevent the hackers to additionally present pornographic content – like it was done on one of the capital library’s website at the beginning of this year.
While conducting website security audit, I often find countless, basic errors which sooner or later can be used by hackers. I don’t recommend error scanners available online. You never know if information about gaps in a website system will not get into undesirable hands.
Is it worth trying to fix the gaps on your own? It depends on your level of expertise. Without an experience and proper knowledge about database you can only do more damage. Remember that best security practices are especially needed when your website contains confidential information.
Take care of your company reputation and order a free safety report.