Cyberattacks Heavily Targeting Small Biz - Tire Review Magazine

Cyberattacks Heavily Targeting Small Biz

[USA Today] – Since early June, one gang has been using a uniquely insidious type of automated attack to inject malicious code on some 20,000 to 30,000 websites, many of them small businesses that rely on the Internet to reach customers, says Wayne Huang, chief technical officer at website security firm Armorize.

Many small business owners don’t realize about how intently profit-minded hackers are striving to wrest control of their websites to run scams, says Maxim Weinstein executive director of the non-profit StopBadware public awareness group.

"A sophisticated and evolved criminal underground is constantly trying to avoid being detected while spreading their malware ever more effectively," says Weinstein.

Mass injection attacks begin with the bad guys obtaining the usernames and passwords for the administrator accounts of smaller websites. They can purchase logins from data thieves, steal it for themselves, or get them free from hacktivist groups that publicly post stolen account data.

After logging on as the site administrator, the hacker then injects a small program, called a script, that gives him full control of the website server.

Hackers target small firms because: 36% rely on free consumer antivirus applications; 31% have no anti-spam protection; 23% have no anti-spyware; 15% have no firewall; and 13% have no security at all.

Hackers target small business websites because they know those companies "do not have the resources for sophisticated security measures," says Michael Lin, vice president at VeriSign, a division of Symantec.

Criminals use corrupted websites to spread infections to other PCs, thereby fueling data theft as well as scams to sell fake drugs, pitch worthless antivirus protection and steal from online bank accounts. "Your website essentially serves as a surrogate host for malicious content," says David Moeller, CEO of website monitoring and backup company CodeGuard.

The latest mass-injection attacks – including one that recently hit Passen Law Group, a two-man personal injury firm in Chicago – are extremely difficult to detect and remove, says Huang. About a month ago, attorney Matt Passen clicked to the main page of his firm’s website and says he saw "a series of letters and numbers that made no sense to me."

Shortly afterward, Google notified Passen that his website was infected and blocked access to it. Over the next few weeks, Passen, who depends on his website to attract clients, hired experts to find and delete the viral script three times; the first two fixes lasted about a week each before the infection recurred.

"It will easily cost us a couple thousand dollars to remedy, and I can’t tell you what the costs are in terms of lost business opportunity," Passen says.

Most often, the owner of a hacked website doesn’t see anything suspicious. The infected site eventually turns up on one of the blacklists maintained by Google, Microsoft and a handful of other entities that continually look for, and block access to, sites running malicious scripts.

Google’s blacklist, which is used by Google Chrome, Firefox and Apple’s Safari browsers, currently blocks access to some 700,000 sites, says StopBadware’s Weinstein.

Remediation can be a real pain. A cottage industry of consultants and technicians has cropped up to help small business owners, but prices and quality of work varies. A good starting point for any small business owner is to seek free guidance at StopBadware.org.

You May Also Like

Nominations for 2024’s Top Shop award are now open

Are you the next Top Shop? Do you know an independent tire dealer who deserves this honor? Nominate a shop today!

topShop-1400

You know you're the top tire dealer in town. Why not be recognized for it? It's time again to nominate your shop (or a great one you know!) to win the 2024 Tire Review Top Shop Award, presented by Coats. Click here to start recognizing independent tire dealers today!

Nokian Tyres receives A- sustainability score from CDP

This is the fourth consecutive year that Nokian Tyres has received an A- for its climate work.

Nokian-score-low-emissions-stock
Club 3633 nominations for 2024 are open

Club 3633 is an exclusive group of industry professionals that celebrates the next generation of innovators in the tire industry.

club3633-nominations-1400
Straightaway Tire brings on industry vets to promote training initiatives

John Wafler and Jason Servidio will drive platform-wide internal training initiatives for Straightaway Tire.

Straightaway-Tire-stock
TyreXpo Asia 2024 confirmed for Bangkok

The event is expected to attract over 4,000 international attendees from around 60 countries.

Other Posts

Hamaton to relocate its European distribution hub in Germany

The new location, still located on the Siemensring business park, will provide increased storage space and more.

Hamaton-New-Unit-Plan
Hankook Tire’s Rob Williams on leveraging momentum for global expansion

The company’s North America president tells all regarding product philosophy, dealer growth strategy, and what responding to the tire market means in 2024.

Hankook-Dealer-Meeting-Rob-Williams-QA-1400
Bill Ziegler, Ziegler Tire president, dies

Bill spent 48 years with Ziegler Tire, most recently as president.

Bill-Ziegler-600
Pirelli marks 50 million tires manufactured at Mexico plant

Since 2012, Pirelli has invested over $900 million in the plant.

Pirelli-mexico-factory-milestone