Wednesday January 24, 2024
Keeping Your Website Secure in 2024: Five Lessons Learned From Last Year and Helpful Tips
Hostinger has been keeping your websites safe and secure since 2004. Each year presents new challenges for website security, and 2023 was no exception. Last year was famous for the rise of artificial intelligence, which is also used by cyber criminals.
Discover how Hostinger thwarted attempts by malicious actors to compromise the websites of over 2 million customers in 2023. Together with the five lessons learned, we will also share some insights to help you avoid cyber threats.
Sales Attract Malicious Actors
The Hostinger malware scanner, powered by Monarx, identified and cleaned nearly 500 million instances of malware throughout the year. The number of cleaned malware is twice as low as it was in 2022, mostly because we have learned how to deal with Phoenix, an uploader delivering other malware to systems.
After excluding the influence of Phoenix, there’s actually been a significant increase in the number of unique malware pieces over the past year, a trend likely to persist.
Malicious activities peak during sales when more people are online, spending money, and may not be as cautious about security. Our malware scanner was working tirelessly during major sales in November and December, and minor spikes were observed in May and August.
Additionally, generative AI is increasingly contributing to an arms race with hackers by making malware more sophisticated and destructive.
Enterprise Raiders Target Small Businesses
Webshells, uploaders, and adware continue to dominate website malware charts, but new threats are emerging for small businesses and mom-and-pop shops.
First, ransomware is increasingly targeting them by encrypting data and demanding a ransom for recovery. A year or two ago, it primarily targeted large, solvent businesses.
Second, cryptocurrency miners are intensifying their activities, particularly when bitcoin prices fall and the number of traditional miners drops, making mining on web servers lucrative.
Finally, redirects are gaining popularity and pose a significant threat due to their rapid mutability, often infiltrating both good files and databases. The wp_posts table is particularly popular, but they can be all over the place.
Dealing With 500 DDoS Attacks per Day Is the New Normal
In 2023, our infrastructure faced over 185,000 distributed denial-of-service (DDoS) attacks, averaging 500 attacks per day. Data centers in the US witnessed the highest number of attacks, followed by Brazil and India.
Our advanced traffic filter efficiently thwarted the majority of DDoS attacks, automatically activating within seconds and diverting malicious traffic to the filter instance. This method allowed us to reduce the use of remotely triggered black holes by up to 95%, resulting in a better uptime for our services and clients.
The traffic filter has handled some really powerful attacks. Several of them took place just before the major holidays, on December 21 and 24, in our Singapore data center. The first one persisted for over 6 hours, hitting customer websites with 2.3 million packets per second (Mpps) and 18 gigabits per second (Gbps). A few days later, another attack unfolded, peaking at 3.6 Mpps and 1.3 Gbps.
The good news is that neither these nor the myriad other attacks had any impact on our infrastructure or your websites.
The Power Struggle Between Botnets and CDNs
Botnets, notably Mirai, represent another type of malware that saw a rise in tandem with improvements in content delivery networks (CDNs). To simplify, the better CDNs become, the larger botnets you need to flood websites successfully, and vice versa.
An illustrative example lies with Hostinger CDN. Launched in the middle of last year, it automatically mitigated numerous attacks, including one of considerable potency. Over a three-hour period, more than 10 million requests per second (Mrps) engulfed a client’s site. Following the incident, our experts analyzed the data and leveraged it to enhance our CDN, making it three times more powerful than it was before the attack.
Obviously, this incident doesn’t measure up to the record-breaking 71 Mrps attack that Cloudflare mitigated last year. However, it’s important to note that our clients are not among the Fortune 1000.
Beware of Fake and Unsecure Plugins
WordPress, used by 43% of all websites, including over 3 million hosted by Hostinger, stands as the most popular content management system. No wonder it continues to be a prime target for cyber threats.
Major WordPress security vendors such as Patchstack, WPScan, and Wordfence identified over 4,000 Common Vulnerabilities and Exposures (CVEs), constituting around 14% of all CVEs discovered last year.
Plugins are at the core of these vulnerabilities, with fake plugins taking the lead. The details of these plugins may vary, but both their quality and quantity have been rapidly increasing. We anticipate this trend to persist throughout 2024 as generative AI makes the creation of fake plugins even more accessible.
For Hostinger clients, WordPress automatic updates and a vulnerability scanner come to the rescue. The scanner promptly notifies clients if vulnerabilities are detected on their websites and provides advice on necessary actions.
How to Keep Your Business Safe Online in 2024
While the challenges may seem overwhelming, securing your business online is within your control. Choosing a reliable hosting provider is crucial, alleviating concerns about most potential threats.
Look for SSL certificates, a malware scanner, a web application firewall, DDoS filtering, built-in CDN, automatic updates, backups, and 24/7 monitoring. Luckily, as you’re already on the Hostinger blog, the solutions you need are just a click away.